There's a lot of overlap in here with stuff already-done with the "Password reset process" option (maybe that option was inspired by this issue and I forgot to comment), and a fair amount of over-complexity. I like what we currently do. For example, there's no real reason to give the webmaster the choice between an emailed temporary password and having the confirmation link ask them to choose a new password immediately.
I don't see a reason to have numeric confirmation codes. Already it's a link to click that includes the code, unless the user has an awful email client - which I've never seen.
"Integer, How long reset codes last for in minutes" is important, and I will implement for v11 and then mark this issue resolved.
I don't see a reason to have numeric confirmation codes. Already it's a link to click that includes the code, unless the user has an awful email client - which I've never seen.
"Integer, How long reset codes last for in minutes" is important, and I will implement for v11 and then mark this issue resolved.