Reset a User Password

If a user loses their password, they will need to reset it in order to regain access to the Client Area. In most cases, users initiate this process themselves from the login form. Occasionally, you may need to force a password reset in the database.

Initiating a Password Reset

Users can initiate a password reset on their own by clicking Forgotten Password on the Client Area login form. The system will prompt them to enter their email address and provide the answer to their security question (if they have one).

The user will receive an email with a confirmation link that is valid for two hours from the time of the request.

  • Clicking the confirmation link will take them to the password reset validation page, where they can set a new password.
  • If the user does not use the confirmation link within the two-hour period, the system will cancel the reset request and the password will not change.

The user can log in to the Client Area immediately after completing this process.

Forcing a Password Reset

In some circumstances, you may need to force a user to reset their password before they can log in again.

To do this, you can remove their password from the database using an SQL query. This prevents access to the Client Area until the user resets their password using the Forgotten Password link (above).

Execute the following SQL query to remove the contents of the password field for a user:

UPDATE `tblusers` SET `password` = '', `email_verification_token_expiry` = NULL, `email_verified_at` = NULL, `reset_token_expiry` = NULL WHERE `tblusers`.`id` = x;

Replace x with the desired user’s user ID. You can find the user’s ID at Clients > Manage Users.

Last modified: May 31, 2024