Overview
When a user requests a password reset for their account, the system sends an email to the user with details on how to reset their password; however, the email contains neither a password nor a reset password link to action.
Prerequisites
- Access to the DNN file structure.
- SMTP Server is set up.
Diagnosis
This issue is portal-specific and may have two related root causes:
If the email does not contain a reset password link
The Global Resources file, GlobalResources.resx, handles the behavior of the "EMAIL_PASSWORD_REMINDER_BODY.Text"
which should correctly point to a Password reset link, for example:
Link to reset password: [Portal:PASSWORDREMINDERURL]?ctl=PasswordReset&resetToken=[Membership:PasswordResetToken]
However, if any portal-specific Global Resources files, such as GlobalResources.portal-1.resx or GlobalResources.portal-2.resx, have a different configuration (as the one seen below), then the portal-specific Global Resources files would take precedence on the system.
If the email does not contain a password
The "EMAIL_PASSWORD_REMINDER_BODY.Text"
might be correctly pointing to a password, for example:
Password: [Membership:Password]
However, if the web.config file has been set to have password formats encrypted (as seen below):
<add name="AspNetSqlMembershipProvider" .... passwordFormat="Encrypted" ...>
Then the password value as clear-text cannot be successfully pulled as it has been encrypted and is unreadable; therefore, the email sends no value for this field.
Solution
Modify the Root Folder/App_GlobalResources/GlobalResources.resx file. If a password reset link is needed, the correct configuration for both files under "EMAIL_PASSWORD_REMINDER_BODY.Text"
should be:
Link to reset password: [Portal:PASSWORDREMINDERURL]?ctl=PasswordReset&resetToken=[Membership:PasswordResetToken]
We strongly recommend not sending clear-text passwords and using a password reset link on this type of scenarios.
You can also modify any text in the password notification email in "EMAIL_PASSWORD_REMINDER_BODY.Text"
section of the RootFolder/App_GlobalResources/GlobalResources.resx file
For configuration of the Global Resources on DNN 8.0 and below, please refer to Edit Global Resource Content.
Testing
You can test that this the password reset link has been restored by:
- Go to the Login page for your site
- Click Reset Password.
- Wait for a password reset email
You should be able to reset your password through the link sent through the email.
Comments
0 comments
Please sign in to leave a comment.