Reset Password Component for Joomla

January 31, 2011 113 comments

Lately I have gotten a bit frustrated with a bug within the Joomla 1.5 reset password functions.
I got lots of angry emails from users that had an invalid token error.

Also I never really liked that users had to copy and paste the token manually.
But I probably could have lived with that, if there wasn’t the rather random invalid token error my users were getting.

Out of this frustration I created a new component that handles the reset password process. There is also a plugin that needs to be activated.
When the plugin is activated, it attempts to replace the joomla default forgot password link with a link to this component.

This was mainly written for my own joomla websites but I decided to provide it as a free download in the hope that it might be useful for others as well.

Notes:

requires PHP 5 or greater
this will most likely only work with the default joomla login module.
for security reasons you can not reset super administrator passwords.

Available languages files:

Polish by Piotr Gąsiorowski
German by Urs Brülhart
Finnish by Anne Mattila
Greek by Christopher Valmas
Spanish by Manuel Gonzalez
Italian by Marco Maiella
French and Dutch Translation by Irina Malinovskaia
Portuguese by Fernando Andrade

Updates:

Jun 2011: Added option to authenticate user by email instead of username
Jul 2011: Fixed issues with Joomla 1.6 – admin interface error and language replacement.
Aug 2011: Added Option to send a Random Password instead of a verification email (one step password reset)
Oct 2011: Security fix (thanks to Leo for finding this)

Download Component

Download Plugin

If you find the component useful, please consider making a donation to support the development and maintenance. Thanks

Joomla Extensions none

Comments

Leave a comment Trackback

Written by Porter about 1 year ago.

Also, where does one modify the languages? On my French, German, Italian and Spanish pages I get ‘RANDOM_REQUEST_PASSWORD’ ?

I have the Joomfish component to translate
Written by Teet about 1 year ago.

Hi Mark,

Any update re a Joomla 2.5+ compatible version?

It would be greatly appreciated

Kind regards.
Written by ace about 1 year ago.

Yes a 2.5 version would be fantastic if you have the time! Thanks.
Written by Sándor about 1 year ago.

It works great on my Dutch website but not on my German website.
I don’t know what I am doing wrong.
If I click on forgot password it can’t find the page. Or it sais forbidden acces (flooding)
Can you please help me?
Thanks
Written by Faye about 10 months ago.

Thankyou, thankyou, thankyou! This password reset has annoyed me for the longest time!! I can’t believe it took me so long to find your fix. You’re awesome!
Written by Em about 7 months ago.

Hi Mark,

I’m hoping it’s simply a case of me being a little daft when it comes to Joomla. I’ve installed both component and plug in and all seems to work just fine – except I’m not receiving the verification email? I get as far as here:
Please enter the email address for your account. A verification email will be sent to you.
Once you have received the verification email, you will be able to choose a new password for your account.

The page simply refreshes and I never receive the email? Is there a quick fix or anything you can advise?

Would be greatly appreciated.

Thanks again,

Em
Written by Pat about 7 months ago.

Awesome! This should be core, and you sir, are a scholar and a gentleman!
Written by Giuseppe about 7 months ago.

Hi guys,
I tried the component with one of my sites, but it seems to not work perfectly.
When I try to change a password when I’m logged in, i always receive the same message “Username not found”.

This website has the Joomla 1.5.26 version installed.

Any suggestions?
Thanks a lot for your support,
Best.

Giuseppe
Written by Dave Friederichs about 6 months ago.

This extension is great! It does 95% of what I need. The only thing – I’m using a 3rd-party extension (EmailAsUsername – http://www.lunarhotel.co.uk/) that substitutes an email field everywhere that there’s normally a username field and allows the user to log in with their email. On the password reset screen, it still asks for a username. Is there any way to change that to ask for an email address?
Written by Dave Friederichs about 6 months ago.

Never mind – answered my own question.
Written by Lina Posada about 6 months ago.

Please make for 2.5!
Written by Nico about 6 months ago.

Hello,
it seems I am the only one that had to change the crypted password generator bit of code.
The component (dowloaded here, today) creates not “salted” password. So too short password.
Had to look at the JuserHelper and see how to create longer salted password.

// component origin
//$cryptpassword = JUserHelper::getCryptedPassword($password1) ;

// my_mod
$salt = JUserHelper::genRandomPassword(32);
$crypt = JUserHelper::getCryptedPassword($password1, $salt);
$cryptpassword = $crypt.’:’.$salt;
// end of my_mod

After that it works very well.

Also facing the problems of not translated “create random password” part. (italian) I get language key strings instead of translated ones. This is little problem. I’ll translate now.
Written by mark about 6 months ago.

Hi there

Did you do this mod for joomla 2.5?
You can send me the missing italian translation string through the contact section and
I’ll add it – will also check you mod code and include it.

Cheers and thanks for your help

Comment Pages:Previous 1 2 3

Leave a Comment

Recent Posts

Categories

Archives