Password reset - Thought it would be different in 4

[pambesteder]

I thought for sure, that the password reset option wouldn't use that token in Joomla.

Oh well... back to trying to find an extension for 4 that just allows them to click a link to do it without this copy and paste step. Ugh!

[sozzled]

I thought for sure, that the password reset option wouldn't use that token in Joomla.

What are you talking about? There's no absolute necessity to "copy and paste" in J! 3 (or J! 2.5 or J! 1.5) that I remember. Don't you just click a link (which happens to contain a "token") in an email? What's so difficult about that? What "extension" exists in J! 3.x (outside what's provided within the core CMS) that allows people to login to a website without some security check, like click a link in an email, to prevent anyone taking over someone else's account?

Seriously, though, you can't "copy and paste" a token if you weren't given this token somewhere ... and that somewhere is in a email, right? Or are you saying that some "token" is now offered in J! 4 in plain text? And how is this mechanism—the way things have always operated in J!—a disappointment?

What gives people the impression that makes them believe certainties about something or that things will somehow be different because a new product is released on the market? Where do these rumours originate: Facebook, talkback radio ... my mother?

I suppose it's possible—this requires a leap of faith on my part—that people have email apps that strip away clickable links. I suppose that's possible. It kind of deletes the purpose but I suppose some people distrust email enough that their email-reading program removes clickable links. I don't operate like that but I suppose some people may.

I'm struggling to understand the question. As I say, what are you talking about here?

[pambesteder]

Yes, I used the reset option and got this email:
The token is in the email ... and historically that has confused my users.

Have gotten emails ... "What's this code? What do I do with it? Yadda, yadda."

Is there a way to remove that token portion from the email now in Joomla 4 and just leave the link to click?

-----
Hello,

A request has been made to reset your Joomla! account password. To reset your password, you will need to submit this verification code to verify that the request was legitimate.

The verification code is c6ff2f5f5c4698c41725ca1d178d992c

Select the URL below and proceed with resetting your password.

http://mygogive.com/spanish/index.php/c ... Itemid=101

Thank you.

[sozzled]

Thank you for the explanation. The message, exhorting people to submit a "verification code", is a bit of mumbo-jumbo.

This is, in fact, the guts of it:

G'day,

Someone made a request to reset your Joomla! account password. If it wasn't you, please ignore this email.

If you want to reset your password, click the following link:

mydomain.com/index.php/component/users/reset?layout=confirm&token=c6ff2f5f5c4698c41725ca1d178d992c&Itemid=101

In a nutshell, that's the only thing that people need to do. The rest of the email is possibly useful if people are unable to point and shoot at something clickable.

The good thing about J! 4 is that you can change the wording of "official looking" emails pretty easily. You've always been able to change the wording in J! 3.x but it's probably even easier in J! 4 with email templates.

[pambesteder]

Yeah, I like your email version instead. I'll play around in the Joomla 4 to see if I can update that. Thanks!