send password reset token in password recovery email

OMG - amateur mistake; thank you so much

SOLVED

We are having issues with password reset also. Many times, the passwords sent to the users do not work. We have a pretty strict password verification, but I have to assume that only applies when the user changes their password and it doesn't apply to the ones CB sends out for a reset. We had a LOT of trouble with this when using CBJUICE to create profiles from user data stored in a spreadsheet, but I would not expect this issue from CB itself.

Is there any known issue with CB occasionally sending a password that doesn't work? I have not personally experienced this, but a lot of users are complaining about it.

Thanks.
Bruce

Is there any known issue with CB occasionally sending a password that doesn't work?

No, not that I am aware. We just call Joomla API to generate the new password, which is then saved to the user and emailed to them.

I have not personally experienced this, but a lot of users are complaining about it.

Without a reliable way to confirm or an error of some kind there's nothing for me to investigate. Have retested this feature and appears to be working fine. Please be sure you're not causing a store issue with CB Auto Actions if you're acting on user update triggers as that could result in a conflict depending on what you're doing in CB Auto Actions.

My personal opinion on it (no proof) is that they are double-clicking on the password and copying it plus the space after it and pasting that into the password box. There's no Auto Action involved on this. I know I often fail to consider its impact on things, but not this time.

Thanks for the info.

It's very possible that's what is happening. We'll be changing A LOT with CB 3.0 on Joomla 4. Ideally no more CB login module and you'll just use Joomlas including Joomlas reset password feature, but we'll see as it depends on how well we can extend Joomlas module with some of our functionality.

Reset passwords emailed to users after they click "Forgot Login?" continue to be problematic. The following issues have been reported and verified (not by me, but by someone else).

• sometimes the password email has a blank password
• sometimes the password sent in the email does not work

I don't recall having any control over the email sent for password resets, so there is nothing for me to check anywhere. The problem has been assigned to someone else on the team now. They won't be able to discuss it here, though, since the subscription is on my account. All I can say about testing results is that you don't have over 25,000 test cases (site members) like I do. This is a widespread problem but it obviously doesn't affect everybody.