Can someone point me to an example of how I would set up a recover password module. I keep seeing examples of encrypted password options and plain text options which allow for the emailing of the users password. I need a good example of how I can protect the password and still supply an easy way for the user to recover their password, or reset it.

I have a project on hold until I discover a good - secure way to do this. I know websites do this everyday, so please someone direct me to an example. Thanks.

Your best option is to reset the user's password and send him the new one. Put a 24 hour expiration on it, so he has to change it soon.

ThePhile doesn't support expiration dates, but you can change it and send him the new one.

As you probably know, there's no way to unencrypt passwords used in ThePhile because they are a 1-way hash.

Eric