Password Reset not working on Login or User Screen

I'm using Sitefinity 4.4 and trying to reset a user's password after she told me the 'Forgot Your password?' link wasn't working.

I've verified that when clicking the link on the login page it does nothing in any browser. I figured as a workaround I could go to the users screen and click on the 'Reset password' button. After clicking the button a new password is no longer shown.

Is this something that other people are experiencing or have I done something to cause this behavior (I don't think I have)?

Hi Mark,

First of all you need to set properly your SMTP settings in Administration -> Settings -> Advanced -> System -> SMTP Settings. Do not forget to set a valid sender email address. Also for your membership provider - I suppose it is the "Default" one, you need to set the enablePasswordReset property to "true". Go to Administration -> Settings -> Advanced -> Security -> Membership Providers -> Default -> Parameters and there set a valid

recoveryMailAddress
enablePasswordReset

Also make sure that recoveryMailBody contains the following special tag:

<%\s*Password\s*%>

I'm having the same problem - in 4.2. Not working like it did in earlier versions.

What are all these steps we have to take all of sudden.

Hello Scott,

We made some changes to the way the reset password functionality works. Is my previous reply not working for you?

This reply is not working for me. I put in a support ticket request.

Also, does this mean that the user will get their password sent to them via email every time they change their password or only when they need a new password sent to them because they forgot?

Hello Amanda,

I replied to your ticket. The user will get an email every time the password is being changed. However you need to include the special tag - <%\s*Password\s*%> - that will be replaced with the actual password in the email body.

I have all these settings set properly, the resets work properly, but do we not see the new password in the backend interface anymore?

Hello Kristian,

This is strange. You should see the new password in a yellow box like the attached image.

was there a resolution to this.

was there a resolution to this.

Hello,

Please excuse us for the inconvenience caused. Actually we have introduced some changes in this functionality since the Sitefinity 4.4 release for security improvements. If you want to enable the password reset functionality you'll need to go to Advanced settings and edit the Default MembershipProvider parameter enablePasswordReset, which is set to flase by default. please set it to true, and also configure defaultSenderAddress to a valid email address which Sitefinity will use when sending the password reset email. Aside from that, you'll need to perform the regular SMTP settings so the application can actually send emails. Once you've got everything configured you might need to recycle your application pool, to make sure the new configuration is read, an you should have the new password displayed in the User profile screen just like it used to in previous versions. Please do not hesitate to let us know if you need some additional information on the issue, or you have any other questions. We'll be glad to help you further.

as per my post above - i had already changed the setting to true and email is working properly.

Hi,

The DefaultSenderEmailAddress parameter belongs to the System SMTP settings, and is configured under Administration -> Settings -> Advanced -> System -> SMTP settings, please make sure it is filled in with a valid email address.
Under parameters for the Default MembershipProvider, please make sure you've set the recoveryMailAddress to a valid email address; enablePasswordReset and enablePasswordRetrieval to true, and try restarting the application to make sure the new provider keys are loaded. If any issues persist, please do not hesitate to get back to us.

Kind regards,
Boyan Barnev
the Telerik team

It does not work for me as well.  I followed your instructions with setting values inside the config files.  

I can confirm that backend password reset works with Version 5.0 SP1.
There are limitations of course when comparing it to the standard ASP.NET password recovery, where localized email subject and body are easily implemented. Here you're stuck with English.

Is there a template one can work on to implement backend password reset?

I got it to work. 

There are two places where DefaultSenderEmailAddress field has have a valid email: SMTP and Notifications.

I had the SMTP email correct, I did not have default email at Administration -> Advanced -> Notifications -> Profiles -> Default.

I spent a good part of the day trying to get this to work.  I followed the instruction according to Lubomir and Mark.  I don't see an option for reseting the password.  Can someone help?  I am running Sitefinity Version 5.1.3210.0.

Did you get it to work Bob?

Maybe you can make use of password reset tool like Smartkey

Has anyone gotten this to work? I have valid email addresses in both notifications and SMTP settings, but the change password button in Administration -> Users does not send an email to the user. Can't get this to work.

I'm having no luck with this on 6.3 using Claims authentication

As far as I know the backend user administration is not designed to sent out new passwords to user.

The old discussion above regarded the front-end login widget.

Until I converted to claims, it has been working on the backend login screen. You simply clicked the reset my password link, typed in your email address and a new password was sent to you.

Thought you were talking about the Administration > Users grid. Sorry.

Seems to me you need to set parameters of the new membership provider. What you used before is probably "OpenAccessMembership37Provider."

What you use now is the Default provider.

Administration > Settings > Advanced > Security > Membership Providers > Default > Parameters

Hope this helps.