I'm creating a site where new users are not allowed to join(public access restricted). Accounts are created by site admin based on membership in the association. Email accounts user@mysite.org are the same as user accounts in Xoops. Problem is if you forget your password then you can't check your email for the new password functions to work.

I need to develop the option of asking the user a series of questions to verify his/her identity and then allow them to change the password. Of course they could just send an email or call site admin to change the password, but who wants personal contact with their membership?

OR I need some other option of resetting the password.

Has anyone done this? (I've been searching for about 3 hours now and can't spend any more time looking)

I need code... I'm way out of my league with XOOPS but I'm having a blast screwing up my site.

Thanks
Dash

Why not just use their real email addresses?

If they were members of your groups, I would think they would be trustworthy enough to provide you their real email addresses.

That may be my best and only option. Unfortunately there are many of our members who don't use computers at home and most of us are .gov's. We are getting more and more reluctant to use our .gov address for even community related stuff. Hence my push to get everyone their own membership related email on our server. The lost password loop then becomes an issue.

Thanks for your reply.

Dash