Best practice for resetting forgotten user passwords

Question

As far as I can think, there are two reasonable ways to reset a user\'s forgotten password.

1. Have the user enter their email address and a new plaintext pass

Answer 1

Verify if the sender is the real user by asking verification questions.

Do not send password on the personal email that is not on the planate employees list.

Do not add the word "password" to the title or body of the email.

Make sure to send separately the username and password.

For Office 365 user, direct them to the forgot my password area or send this link https://passwordreset.microsoftonline.com

Don't get intimidated by the user, escalate to IT manager if the need arises.