The password reset process we currently have in our site is as follows:

1. In the Login window, clicking on Forgot username / password link goes here:
/forums/login.php?do=lostpw
Asking the user to enter their registered email address

2. On entering the email address, the username and instructions for password resetting gets sent to the email.

3. Clicking on the password reset link, the username and new password gets sent along with edit password link to the profile:
/forums/profile.php?do=editpassword

What is happening is the edit password link to the profile page is very misleading to the users. Instead of logging in with the username and the (reset)password, most of them try to click on the link directly (for editing the password) and get the 'no permission to access this page', because they aren't logged in.

Is there a way that in the email we send ONLY username and the new(reset) password? No link to edit password.

And when the user logs in with the username and temporary password, is it possible to get them redirected to the edit password in profile page.

The new email tells the user what their new username and password is...
Then asks them to change it after logging in, how exactly is that mis-leading?

I have already explained that above.

However, let me repeat it...

When the email with username and new password (temporary password?) is sent along with the 'edit password link', not all the users understand they need to login with the temporary password first, then go to that link to edit and change it to a different password.

They click on the 'edit password' link directly and hit the vbulletin login page that says...
You do not have permissions to access this page. You need to login first, or register to login.

Hence, these are my thoughts...

In the 3rd step, that I have listed my above post, when the username and new password gets emailed, instead of sending the 'edit password' link in it, can I do like this?

Email only the username and new password. When the user logs in for the first time, redirect them to 'edit profile' page to change their password.

How to do this?

Why not just change the phrasing of the email then?

Just edit the email phase as Zachery suggested. (I think it is phrase resetpw)

I definitely can try to see if just changing the phrase would help. Thanks.

Ok, the email phrase changes didn't help much.

When the username and "reset" password is emailed along with the 'edit password' link to profile page, in-spite of exclusively mentioning...

"You need to login with your username and the reset password atleast ONCE.

Then click on the edit password link to change password"

many users seem to be hurriedly clicking on the 'edit password' link and get to see the error message of the login page - 'you do not have permissions'.

Hence, I would like to send an email as follows:

"Login with your username and new password

Give the link to the main login page

When you login first, you will be redirected to change your password".

I need to know, how I redirect to 'edit password' page, ONLY those users who logged in with the system reset password.

You have to login first, to be able to edit your password.

Zachery,

I know that - one has to login first to be redirected to edit password. That's exactly what I want to do.

Can you tell me which code / template I have to edit, to make the login page 'redirect' to edit password page?

Now, this has to happen ONLY to those users logging in with system "reset" password. Not to those newly registered users logging in for the first time.

The login page always redirects to the page you were trying to go to, before you tried to login. Unless you've modifried the software to do something else.