Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
This modules simplifies the password reset process.
Without this module enabled, core Drupal prompts the user to log in via a one-time login form. After clicking "Log in", the user is brought to their profile edit form where at long last they can change their password.
With this module enabled, the user skips the one-time login form. Instead the password reset link brings them right to the profile edit form where they can immediately change their password and log in. So what core Drupal does in two steps, this module does in one.
Additionally, this module now logs a user out who uses the password reset form linked from the account edit form. This prevents those users from seeing an access denied message when they follow the password reset link that gets e-mailed to them, reducing customer support inquiries during password resets.
Usage tips
This module also provides an option to show a "brief" version of the password reset form. So the user is prompted only to change their password. This eliminates the confusion many users experience with the current process. To enable the brief form, you must update the e-mail bodies in your site's account settings form to change any instance of [user:one-time-login-url] to [user:one-time-login-url]/brief. (This feature available only in D7 version. In D8, by default it provides only password field alone)
If you are using any CAPTCHA related modules to protect forms on your site, we recommend disabling the CAPTCHA elements on the password reset form, especially if your users must clear a CAPTCHA to request a new password to begin with. The only accommodation this module currently makes is to not hide form elements added to the brief password reset form of the captcha element type defined by the CAPTCHA module.
Related modules
Another project has been pointed out to me, called PRLP. The two modules are quite similar and may join forces at some point. There's a subtle technical difference that might help you decide which to use. The PRLP relies on hook_form_alter() to change the one-time login form, and to that form it adds password and other elements from the user profile form. Simple Password Reset, on the other hand, relies on hook_menu_alter() to do away with the one-time login form entirely, it builds the user profile form instead.
In case that last sentence made no sense to you, consider this: if you have a third party module that alters the profile edit form, this module will include those alters when a user is setting their password. While the PRLP module will not include those alters (third-party modules would have to alter the one-time login form in addition to the profile edit form).
Supporting organizations:
Provided support for porting this module to Drupal 8
Project information
- Module categories: Access Control
6,744 sites report using this module- Created by Dave Cohen on , updated
Stable releases for this project are covered by the security advisory policy.
Look for the shield icon below.
Releases
8.x-1.2
released 29 September 2023
released 29 September 2023
Works with Drupal: ^8 || ^9 || ^10
✓ Recommended by the project’s maintainer.
Install:
Development version: 8.x-1.x-dev updated 20 Oct 2023 at 13:02 UTC
7.x-1.6
released 2 October 2023
released 2 October 2023
Works with Drupal: 7.x
✓ Recommended by the project’s maintainer.
Development version: 7.x-1.x-dev updated 13 Apr 2015 at 21:03 UTC
