This modules simplifies the password reset process.
Without this module enabled, core Drupal prompts the user to log in via a one-time login form. After clicking "Log in", the user is brought to their profile edit form where at long last they can change their password.
With this module enabled, the user skips the one-time login form. Instead the password reset link brings them right to the profile edit form where they can immediately change their password and log in. So what core Drupal does in two steps, this module does in one.
Additionally, this module now logs a user out who uses the password reset form linked from the account edit form. This prevents those users from seeing an access denied message when they follow the password reset link that gets e-mailed to them, reducing customer support inquiries during password resets.
The idea behind this module is described in Dave Cohen's blog.
Read the README.txt file for installation and further details.
This module also provides an option to show a "brief" version of the password reset form. So the user is prompted only to change their password. This eliminates the confusion many users experience with the current process. To enable the brief form, you must update the e-mail bodies in your site's account settings form to change any instance of
If you are using any CAPTCHA related modules to protect forms on your site, we recommend disabling the CAPTCHA elements on the password reset form, especially if your users must clear a CAPTCHA to request a new password to begin with. The only accommodation this module currently makes is to not hide form elements added to the brief password reset form of the
captcha element type defined by the CAPTCHA module.
Another project has been pointed out to me, called PRLP. The two modules are quite similar and may join forces at some point. There's a subtle technical difference that might help you decide which to use. The PRLP relies on hook_form_alter() to change the one-time login form, and to that form it adds password and other elements from the user profile form. Simple Password Reset, on the other hand, relies on hook_menu_alter() to do away with the one-time login form entirely, it builds the user profile form instead.
In case that last sentence made no sense to you, consider this: if you have a third party module that alters the profile edit form, this module will include those alters when a user is setting their password. While the PRLP module will not include those alters (third-party modules would have to alter the one-time login form in addition to the profile edit form).