As of now, the admin has the ability to change a user's password, but there is not a mechanism to notify the user fo the password change. When you change a username, a box popups up that can be emailed to the user. This type of functionality needs to be available when changing a password for the user.

In addition, the admin should have the ability to browse for a user and then click a "reset password" button, which will send the user an email message with a link to change password. I know that this can be done manually on the front side, but would be a real pain if you need to reset multiple passwords for users.

Agreed. With ability to send CURRENT password as well.

Something like a radio button to Send Current or Generate New.

Agreed. With ability to send CURRENT password as well.

Something like a radio button to Send Current or Generate New.

Sending the current password would not be possible without storing it plaintext in the database somewhere, which is a security issue.

Gotcha. I always tell people use the lost password function. I guess then, this sends a new one. Thanks. Didn't know that.

I do agree with the original request.

I think is a great idea, just send them an email to notify them of the login credentials, no need for the old password to be listed. Alternatively, a link like the one is sent when using "forget my password" can be sent. (makes sense?)

I agree as well. It seems trivial to reset a password, but how can there not be a way to notify the user of this change? Clicking the reset password button should auto-generate one and email it to the account on file. End of story.

A more important question is why does the admin even need to know the password? THAT seems like a security risk. Admins can be granted access to login as the user, or not, but they never have their password. The act of resetting the password also does not need to involve the admin choosing or knowing it.

So if I may add to this, I vote to simplify the reset password option from acp, and I also vote to remove the admins ability to choose the new password.

I am dealing with an issue where during a conversion from vbulletin all of my users are having issues with their old passwords. They are active members and the member accounts work/have permissions but they can't log in.

There should be a tool that allows me to reset passwords on all selected accounts. This tool should simply email the user and tell them they need to follow this link to reset their password. That way I don't know it, they get notified, everybody wins.

I am dealing with an issue where during a conversion from vbulletin all of my users are having issues with their old passwords. They are active members and the member accounts work/have permissions but they can't log in.

There should be a tool that allows me to reset passwords on all selected accounts. This tool should simply email the user and tell them they need to follow this link to reset their password. That way I don't know it, they get notified, everybody wins.

In your specific case, please submit a support request, conversions from vBulletin should allow passwords to work for all members. :smile:

'?do=embed' frameborder='0' data-embedContent>>

I'm wondering how that works for the admin. Wouldn't the IPS system protect against auto-generating a new password for the admin?

For admins, you can still use the password reset tool. You just can't change your password from within your profile.

I guess I've always been reluctant to do that because you run into a situation where you might not get that password sent and it automatically marks your account as 'validating', which I've found to be pretty hilarious.

You are never 'sent' a password. You're sent an e-mail where you're linked to a page to input your new password.

Plaintext passwords are not e-mailed to users or admins.

I keep forgetting that. lols. But, you're right, you are sent an email with a link to allow you to regenerate a new password. I keep mixing the two up. *slaps self on back of head*