I want to send emails to users when they forget their passwords that prompt them to reset their passwords. I know this is debatable and was looking for a few good options/sug
There is a danger of losing the URL to anyone who sniffs the network. To avoid this, you may generate a random short key such as vX4dq and save it in your database. Ask the user to remember this. When a user resets via the link, ask him/her to enter this key, known only to him/her.
Advanced: you may show this key in a captcha so that it doesn't get sniffed.
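The scheme described in the answer above, as an added example that is not part of the original post: the emailed link carries a long random token, and the reset only completes when the short key shown to the user at request time is entered as well. The function names, the in-memory dict standing in for the database, the 15-minute expiry, storing hashes instead of raw values, and the attempt limit are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets
import string
import time

ALPHABET = string.ascii_letters + string.digits
TTL_SECONDS = 15 * 60   # assumption: reset window, not stated in the post
MAX_ATTEMPTS = 5        # assumption: a 5-character key needs a guess limit

_resets = {}            # stand-in for the database table, keyed by token hash


def _digest(value):
    return hashlib.sha256(value.encode()).hexdigest()


def start_reset(user_id, now=None):
    """Return (url_token, short_key); only their hashes are stored."""
    now = time.time() if now is None else now
    url_token = secrets.token_urlsafe(32)  # goes into the emailed link
    # short key like "vX4dq": shown on the request page, never emailed
    short_key = "".join(secrets.choice(ALPHABET) for _ in range(5))
    _resets[_digest(url_token)] = {
        "user_id": user_id,
        "key_hash": _digest(short_key),
        "expires": now + TTL_SECONDS,
        "attempts": 0,
    }
    return url_token, short_key


def finish_reset(url_token, short_key, now=None):
    """Return the user_id if link token and short key both match, else None."""
    now = time.time() if now is None else now
    token_hash = _digest(url_token)
    record = _resets.get(token_hash)
    if record is None:
        return None
    if now > record["expires"] or record["attempts"] >= MAX_ATTEMPTS:
        del _resets[token_hash]  # expired or guessed too often: burn the link
        return None
    record["attempts"] += 1
    # constant-time comparison of the stored hash with the submitted key's hash
    if not hmac.compare_digest(record["key_hash"], _digest(short_key)):
        return None
    del _resets[token_hash]      # single use: a replayed link fails
    return record["user_id"]
```

Because the key is only five characters, the attempt counter and expiry do the real work against guessing; the link token alone, if captured, is not enough to reset the password.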