diff --git a/htdocs/admin/security.php b/htdocs/admin/security.php
index 9a3e22826ad..e851d93b926 100644
--- a/htdocs/admin/security.php
+++ b/htdocs/admin/security.php
@@ -133,6 +133,22 @@ else if ($_GET["action"] == 'disable_pdfsecurity')
 	exit;
 }
 
+if ($_GET["action"] == 'activate_MAIN_SECURITY_DISABLEFORGETPASSLINK')
+{
+	dolibarr_set_const($db, "MAIN_SECURITY_DISABLEFORGETPASSLINK", '1');
+	Header("Location: security.php");
+	exit;
+}
+else if ($_GET["action"] == 'disable_MAIN_SECURITY_DISABLEFORGETPASSLINK')
+{
+	dolibarr_del_const($db, "MAIN_SECURITY_DISABLEFORGETPASSLINK");
+	Header("Location: security.php");
+	exit;
+}
+
+
+
+
 /*
  * Affichage onglet
  */
@@ -246,11 +262,12 @@ print "<input type=\"hidden\" name=\"action\" value=\"encrypt\">";
 
 print '<table class="noborder" width="100%">';
 print '<tr class="liste_titre">';
-print '<td colspan="3">'.$langs->trans("Encryption").'</td>';
+print '<td colspan="3">'.$langs->trans("Parameters").'</td>';
 print '<td align="center">'.$langs->trans("Activated").'</td>';
 print '<td align="center">'.$langs->trans("Action").'</td>';
 print '</tr>';
 
+// Disable clear password in database
 $var=!$var;
 print "<tr ".$bc[$var].">";
 print '<td colspan="3">'.$langs->trans("DoNotStoreClearPassword").'</td>';
@@ -260,14 +277,12 @@ if($conf->global->DATABASE_PWD_ENCRYPTED == 1)
 	print img_tick();
 }
 print '</td>';
-
 if ($conf->global->DATABASE_PWD_ENCRYPTED == 0)
 {
 	print '<td align="center" width="100">';
 	print '<a href="security.php?action=activate_encrypt">'.$langs->trans("Activate").'</a>';
 	print "</td>";
 }
-
 if($conf->global->DATABASE_PWD_ENCRYPTED == 1)
 {
 	print '<td align="center" width="100">';
@@ -283,7 +298,32 @@ if($conf->global->DATABASE_PWD_ENCRYPTED == 1)
 	}
 	print "</td>";
 }
+print "</td>";
+print '</tr>';
 
+
+// Disable link "Forget password" on logon
+$var=!$var;
+print "<tr ".$bc[$var].">";
+print '<td colspan="3">'.$langs->trans("DisableForgetPasswordLinkOnLogonPage").'</td>';
+print '<td align="center" width="60">';
+if($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK == 1)
+{
+	print img_tick();
+}
+print '</td>';
+if ($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK == 0)
+{
+	print '<td align="center" width="100">';
+	print '<a href="security.php?action=activate_MAIN_SECURITY_DISABLEFORGETPASSLINK">'.$langs->trans("Activate").'</a>';
+	print "</td>";
+}
+if($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK == 1)
+{
+	print '<td align="center" width="100">';
+	print '<a href="security.php?action=disable_MAIN_SECURITY_DISABLEFORGETPASSLINK">'.$langs->trans("Disable").'</a>';
+	print "</td>";
+}
 print "</td>";
 print '</tr>';
 
@@ -321,7 +361,7 @@ $var=!$var;
 print "<tr ".$bc[$var].">";
 print '<td colspan="3">';
 $text = $langs->trans("ProtectAndEncryptPdfFiles");
-$desc = $html->textwithwarning($text,$langs->transnoentities("ProtectAndEncryptPdfFilesDesc"),1);
+$desc = $html->textwithhelp($text,$langs->transnoentities("ProtectAndEncryptPdfFilesDesc"),1);
 print $desc;
 print '</td>';
 print '<td align="center" width="60">';
diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang
index 69034c8ad4d..fb5c3f6d519 100644
--- a/htdocs/langs/en_US/admin.lang
+++ b/htdocs/langs/en_US/admin.lang
@@ -448,7 +448,8 @@ UserGroupSetup=Users and groups module setup
 GeneratePassword=Suggest a generated password
 RuleForGeneratedPasswords=Rule to generate suggested passwords
 DoNotSuggest=Do not suggest any password
-EncryptedPasswordInDatabase=To allow the encryption of the passwords in the database 
+EncryptedPasswordInDatabase=To allow the encryption of the passwords in the database
+DisableForgetPasswordLinkOnLogonPage=Do not show the link "Forget password" on login page
 ##### Company setup #####
 CompanySetup=Companies module setup
 CompanyCodeChecker=Module for third parties code checking (customer or supplier)
diff --git a/htdocs/langs/en_US/other.lang b/htdocs/langs/en_US/other.lang
index 8ece0ebfa6b..7784b73618c 100644
--- a/htdocs/langs/en_US/other.lang
+++ b/htdocs/langs/en_US/other.lang
@@ -11,6 +11,9 @@ ErrorFailedToFindEntity=Failed to read entity '%s'
 ErrorBadLoginPassword=Bad value for login or password
 ErrorLoginDisabled=Your account has been disabled
 ErrorFailedToRunExternalCommand=Failed to run external command. Check it is available and runnable by your PHP server. If PHP <b>Safe Mode</b> is enabled, check that command is inside a directory defined by parameter <b>safe_mode_exec_dir</b>.
+ErrorFailedToChangePassword=Failed to change password
+ErrorLoginDoesNotExists=User with login <b>%s</b> could not be found.
+ErrorLoginHasNoEmail=This user has no email address. Process aborted.
 Calendar=Calendar
 AddTrip=Add trip
 Tools=Tools
@@ -70,6 +73,9 @@ VolumeUnitm3=m<SUP>3</SUP>
 VolumeUnitcm3=cm<SUP>3</SUP>
 VolumeUnitmm3=mm<SUP>3</SUP>
 BugTracker=Bug tracker
+SendNewPasswordDesc=This form allows you to request a new passord. It will be send to your email address. Check your email reader software.
+BackToLoginPage=Back to login page
+AuthenticationDoesNotAllowSendNewPassword=Authentication mode is <b>%s</b>. In this mode, Dolibarr can't know nor change your password. Contact your system administrator if you want to change your password.
 ##### Webcal #####
 LoginWebcal=Login for Webcalendar
 AddCalendarEntry=Add entry in calendar
diff --git a/htdocs/langs/fr_FR/admin.lang b/htdocs/langs/fr_FR/admin.lang
index 2a175916c55..9141063b489 100644
--- a/htdocs/langs/fr_FR/admin.lang
+++ b/htdocs/langs/fr_FR/admin.lang
@@ -456,6 +456,7 @@ GeneratePassword=Proposer un mot de passe g
 RuleForGeneratedPasswords=Règle pour la génération des mots de passe proposés
 DoNotSuggest=Ne pas proposer
 EncryptedPasswordInDatabase=Permettre l'encryption des mots de passe dans la base de données
+DisableForgetPasswordLinkOnLogonPage=Ne pas afficher le lien "Mot de passe oublié" sur la page de connexion
 ##### Company setup #####
 CompanySetup=Configuration du module Sociétés
 CompanyCodeChecker=Module de contrôle des codes tiers (clients/fournisseurs)
diff --git a/htdocs/langs/fr_FR/other.lang b/htdocs/langs/fr_FR/other.lang
index b3fd7b3b82d..1e1205be2ed 100644
--- a/htdocs/langs/fr_FR/other.lang
+++ b/htdocs/langs/fr_FR/other.lang
@@ -11,6 +11,9 @@ ErrorFailedToFindEntity=Echec de lecture de l'entit
 ErrorBadLoginPassword=Identifiants login ou mot de passe incorrects
 ErrorLoginDisabled=Votre compte est désactivé
 ErrorFailedToRunExternalCommand=Echec de l'exécution de la commande externe. Vérifiez qu'elle est disponible et exécutable par votre serveur PHP. Si le <b>Safe Mode</b> PHP est actif, vérifiez que la commande se trouve dans un répertoire définie dans le paramètre <b>safe_mode_exec_dir</b>.
+ErrorFailedToChangePassword=Echec de modification du mot de passe
+ErrorLoginDoesNotExists=Le compte utilisateur de login <b>%s</b> n'a pu être trouvé.
+ErrorLoginHasNoEmail=Cet utilisateur n'a pas d'email. Impossible de continuer.
 Calendar=Calendrier
 AddTrip=Créer déplacement
 Tools=Outils
@@ -70,6 +73,9 @@ VolumeUnitm3=m<SUP>3</SUP>
 VolumeUnitcm3=cm<SUP>3</SUP>
 VolumeUnitmm3=mm<SUP>3</SUP>
 BugTracker=Bug tracker
+SendNewPasswordDesc=Ce formulaire permet d'envoyer un nouveau mot de passe. Il sera envoyé à l'adresse email de votre user. Surveillez votre messagerie.
+BackToLoginPage=Retour page de connexion
+AuthenticationDoesNotAllowSendNewPassword=Le mode d'authentification de Dolibarr est configuré à "<b>%s</b>". Dans ce mode, Dolibarr n'a pas la possibilité de connaitre ni modifier votre mot de passe. Contacter votre administrateur pour connaitre les modalités de changement.
 ##### Webcal #####
 LoginWebcal=Login Webcalendar
 AddCalendarEntry=Ajouter entrée dans le calendrier
diff --git a/htdocs/lib/functions.inc.php b/htdocs/lib/functions.inc.php
index d625ebba802..8b8c7e22190 100644
--- a/htdocs/lib/functions.inc.php
+++ b/htdocs/lib/functions.inc.php
@@ -1121,9 +1121,9 @@ function dol_loginfunction($notused,$pearstatus)
     // Ce DTD est KO car inhibe document.body.scrollTop
     //print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">';
     // Ce DTD est OK
-    print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">';
+    print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">'."\n";
 
-    print "\n";
+	// En tete html
     print "<html>\n";
     print "<head>\n";
     print '<meta name="robots" content="noindex,nofollow">'."\n";      // Evite indexation par robots
@@ -1131,8 +1131,6 @@ function dol_loginfunction($notused,$pearstatus)
 
     print '<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.'/'.$conf->css.'">'."\n";
 
-
-
     print '<style type="text/css">'."\n";
     print '<!--'."\n";
     print '#login {';
@@ -1162,16 +1160,17 @@ function dol_loginfunction($notused,$pearstatus)
     print '</script>'."\n";
     print '</head>'."\n";
 
-    print '<body class="body" onload="donnefocus();">';
+    // Body
+	print '<body class="body" onload="donnefocus();">';
 
+	// Start Form
     print '<form id="login" name="login" method="post" action="';
     print $_SERVER['PHP_SELF'];
     print $_SERVER["QUERY_STRING"]?'?'.$_SERVER["QUERY_STRING"]:'';
     print '">';
 
+	// Table 1
     print '<table cellpadding="0" cellspacing="0" border="0" align="center" width="400">';
-
-
     if (file_exists(DOL_DOCUMENT_ROOT.'/logo.png'))
     {
       print '<tr><td colspan="3" style="text-align:center;">';
@@ -1181,18 +1180,16 @@ function dol_loginfunction($notused,$pearstatus)
     {
       print '<tr class="vmenu"><td align="center">Dolibarr '.DOL_VERSION.'</td></tr>';
     }
+    print '</table>';
+	print '<br>';
 
-    print '</table>
+	// Table 2
+	print '<table cellpadding="2" align="center" width="400">';
 
-<br>
+	print '<tr><td colspan="3">&nbsp;</td></tr>';
 
-<table cellpadding="2" align="center" width="400">
-
-<tr><td colspan="3">&nbsp;</td></tr>
-
-<tr><td align="left"><br> &nbsp; <b>'.$langs->trans("Login").'</b>  &nbsp;</td>
-<td><input name="username" class="flat" size="15" maxlength="25" value="" tabindex="1" /></td>
-';
+	print '<tr><td align="left"><br> &nbsp; <b>'.$langs->trans("Login").'</b>  &nbsp;</td>';
+	print '<td><input name="username" class="flat" size="15" maxlength="25" value="" tabindex="1" /></td>';
 
     // Affiche logo du theme si existe, sinon logo commun
     if (file_exists(DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/img/login_logo.png'))
@@ -1204,27 +1201,23 @@ function dol_loginfunction($notused,$pearstatus)
         print '<td rowspan="2"><img src="'.DOL_URL_ROOT.'/theme/login_logo.png"></td>';
     }
 
-    print '
-</tr>
+    print '</tr>';
 
-<tr><td align="left" valign="top"> &nbsp; <b>'.$langs->trans("Password").'</b> &nbsp; </td>
-<td valign="top" nowrap="nowrap"><input name="password" class="flat" type="password" size="15" maxlength="30" tabindex="2">';
-print '</td></tr>
+    print '<tr><td align="left" valign="top"> &nbsp; <b>'.$langs->trans("Password").'</b> &nbsp; </td>';
+    print '<td valign="top" nowrap="nowrap"><input name="password" class="flat" type="password" size="15" maxlength="30" tabindex="2">';
+	print '</td></tr>';
 
-<tr><td colspan="3" style="text-align:center;"><br>
-<input type="submit" class="button" value="&nbsp; '.$langs->trans("Connection").' &nbsp;" tabindex="4" />
-</td></tr>
+    print '<tr><td colspan="3" style="text-align:center;"><br>';
+    print '<input type="submit" class="button" value="&nbsp; '.$langs->trans("Connection").' &nbsp;" tabindex="4" />';
+    print '</td></tr>';
 
-';
-if ($conf->global->MAIN_SECURITY_ALLOWFORGETPASSWORD)
-{
-	print '<tr><td colspan="3" align="center"><a style="color: #888888; font-size: 10px" href="'.DOL_URL_ROOT.'/user/passwordforgotten.php">('.$langs->trans("PasswordForgotten").')</a></td></tr>';
-}
+	if (! $conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK)
+	{
+		print '<tr><td colspan="3" align="center"><a style="color: #888888; font-size: 10px" href="'.DOL_URL_ROOT.'/user/passwordforgotten.php">('.$langs->trans("PasswordForgotten").')</a></td></tr>';
+	}
 
-    print '
-</table>
-<input type="hidden" name="loginfunction" value="loginfunction" />
-';
+    print '</table>';
+    print '<input type="hidden" name="loginfunction" value="loginfunction" />';
 
     print '</form>';
 
@@ -1242,13 +1235,15 @@ if ($conf->global->MAIN_SECURITY_ALLOWFORGETPASSWORD)
 		}
 		print '</div></td></tr></table></center>';
 	}
-	if (defined("MAIN_HOME") && strlen(trim(MAIN_HOME)))
+	if ($conf->global->MAIN_HOME)
 	{
 	    print '<table cellpadding="0" cellspacing="0" border="0" align="center" width="750"><tr><td>';
 	    print nl2br(MAIN_HOME);
 	    print '</td></tr></table><br>';
 	}
-    print "\n</body>\n</html>";
+    
+	// Fin entete html
+	print "\n</body>\n</html>";
 }
 
 
diff --git a/htdocs/user.class.php b/htdocs/user.class.php
index f246b666312..e59f62fcbcc 100644
--- a/htdocs/user.class.php
+++ b/htdocs/user.class.php
@@ -121,7 +121,7 @@ class User
 		// Recupere utilisateur
 		$sql = "SELECT u.rowid, u.name, u.firstname, u.email, u.office_phone, u.office_fax, u.user_mobile,";
 		$sql.= " u.admin, u.login, u.webcal_login, u.note,";
-		$sql.= " u.pass, u.pass_crypted,";
+		$sql.= " u.pass, u.pass_crypted, u.pass_temp,";
 		$sql.= " u.fk_societe, u.fk_socpeople, u.ldap_sid,";
 		$sql.= " u.statut, u.lang,";
 		$sql.= " ".$this->db->pdate("u.datec")." as datec,";
@@ -160,6 +160,7 @@ class User
 				$this->pass_indatabase = $obj->pass;
 				$this->pass_indatabase_crypted = $obj->pass_crypted;
 				$this->pass = $obj->pass;
+				$this->pass_temp = $obj->pass_temp;
 				$this->office_phone = $obj->office_phone;
 				$this->office_fax   = $obj->office_fax;
 				$this->user_mobile  = $obj->user_mobile;
@@ -988,17 +989,18 @@ class User
 
 
 	/**
-	 *    \brief     Change le mot de passe d'un utilisateur
-	 *    \param     user             		Object user de l'utilisateur qui fait la modification
-	 *    \param     password         		Nouveau mot de passe (à générer si non communiqué)
-	 *    \param     noclearpassword		0 ou 1 s'il ne faut pas stocker le mot de passe en clair
-	 *    \return    string           		mot de passe, < 0 si erreur
-	 */
-    function password($user, $password='', $noclearpassword=0)
+	*   \brief     	Change le mot de passe d'un utilisateur
+	*   \param     	user             		Object user de l'utilisateur qui fait la modification
+	*   \param     	password         		Nouveau mot de passe (à générer si non communiqué)
+	*   \param     	noclearpassword			0 ou 1 s'il ne faut pas stocker le mot de passe en clair
+	*	\param		changelater				1=Change password only after clicking on confirm email
+	*   \return    	string           		Mot de passe non crypté, < 0 si erreur
+	*/
+    function password($user, $password='', $noclearpassword=0, $changelater=0)
     {
         global $langs;
 
-        dolibarr_syslog("User::Password user=".$user->id." password=".eregi_replace('.','*',$password)." isencrypted=".$isencrypted);
+        dolibarr_syslog("User::Password user=".$user->id." password=".eregi_replace('.','*',$password)." isencrypted=".$isencrypted." changelater=".$changelater);
 
         // Si nouveau mot de passe non communiqué, on génère par module
         if (! $password)
@@ -1008,56 +1010,82 @@ class User
         	//$password=creer_pass_aleatoire_2('');
         }
 
-       	// Crypte avec systeme encodage par defaut du PHP
-        //$sqlpass = crypt($password, makesalt());
+       	// Crypte avec md5
         $password_crypted = md5($password);
 
 		// Mise a jour
-        $sql = "UPDATE ".MAIN_DB_PREFIX."user";
-		$sql.= " SET pass_crypted = '".$password_crypted."'";
-		if (! $noclearpassword)
+		if (! $changelater)
 		{
-			$sql.= ", pass = '".$password."'";
+	        $sql = "UPDATE ".MAIN_DB_PREFIX."user";
+			$sql.= " SET pass_crypted = '".addslashes($password_crypted)."',";
+			$sql.= " pass_temp = null";
+			if ($noclearpassword)
+			{
+				$sql.= ", pass = null";
+			}
+			else
+			{
+				$sql.= ", pass = '".addslashes($password)."'";
+			}
+	        $sql.= " WHERE rowid = ".$this->id;
+
+	        $result = $this->db->query($sql);
+	        if ($result)
+	        {
+	            if ($this->db->affected_rows())
+	            {
+			        $this->pass=$password;
+			        $this->pass_indatabase=$password;
+			        $this->pass_indatabase_crypted=$password_crypted;
+
+	                // Appel des triggers
+	                include_once(DOL_DOCUMENT_ROOT . "/interfaces.class.php");
+	                $interface=new Interfaces($this->db);
+	                $result=$interface->run_triggers('USER_NEW_PASSWORD',$this,$user,$lang,$conf);
+	                if ($result < 0) $this->errors=$interface->errors;
+	                // Fin appel triggers
+
+	                return $this->pass;
+	            }
+	            else {
+	                return -2;
+	            }
+	        }
+	        else
+	        {
+	            dolibarr_print_error($this->db);
+	            return -1;
+	        }
+		}
+		else
+		{
+			// We store clear password in password temporary field.
+			// After receiving confirmation link, we will crypt it and store it in pass_crypted
+			$sql = "UPDATE ".MAIN_DB_PREFIX."user";
+			$sql.= " SET pass_temp = '".addslashes($password)."'";
+	        $sql.= " WHERE rowid = ".$this->id;
+	        $result = $this->db->query($sql);
+	        if ($result)
+			{
+                return $password;
+			}
+			else
+			{
+	            dolibarr_print_error($this->db);
+	            return -3;
+	        }
 		}
-        $sql.= " WHERE rowid = ".$this->id;
-
-        $result = $this->db->query($sql);
-        if ($result)
-        {
-            if ($this->db->affected_rows())
-            {
-		        $this->pass=$password;
-		        $this->pass_indatabase=$password;
-		        $this->pass_indatabase_crypted=$password_crypted;
-
-                // Appel des triggers
-                include_once(DOL_DOCUMENT_ROOT . "/interfaces.class.php");
-                $interface=new Interfaces($this->db);
-                $result=$interface->run_triggers('USER_NEW_PASSWORD',$this,$user,$lang,$conf);
-                if ($result < 0) $this->errors=$interface->errors;
-                // Fin appel triggers
-
-                return $this->pass;
-            }
-            else {
-                return -2;
-            }
-        }
-        else
-        {
-            dolibarr_print_error($this->db);
-            return -1;
-        }
     }
 
 
-  /**
-   *    \brief     Envoie mot de passe par mail
-   *    \param     user             Object user de l'utilisateur qui fait l'envoi
-   *    \param     password         Nouveau mot de passe
-   *    \return    int              < 0 si erreur, > 0 si ok
-   */
-    function send_password($user, $password='')
+	/**
+	*   \brief     	Envoie mot de passe par mail
+	*   \param     	user            Object user de l'utilisateur qui fait l'envoi
+	*   \param		password        Nouveau mot de passe
+	*	\param		changelater		1=Change password only after clicking on confirm email
+	*   \return    	int             < 0 si erreur, > 0 si ok
+	*/
+    function send_password($user, $password='', $changelater=0)
     {
         global $langs;
 
@@ -1066,16 +1094,33 @@ class User
         $subject = $langs->trans("SubjectNewPassword");
         $msgishtml=0;
 
-        $mesg .= "Bonjour,\n\n";
-        $mesg .= "Votre mot de passe pour accéder à Dolibarr a été changé :\n\n";
-        $mesg .= $langs->trans("Login")." : $this->login\n";
-        $mesg .= $langs->trans("Password")." : $password\n\n";
-
-        $mesg .= "Adresse : http://".$_SERVER["HTTP_HOST"].DOL_URL_ROOT;
-        $mesg .= "\n\n";
-        $mesg .= "--\n";
-        $mesg.= $user->fullname;
-
+		// Define $msg
+        $mesg = '';
+		if (! $changelater)
+		{
+			$mesg.= "A request to change your Dolibarr password has been received.\n";
+	        $mesg.= "This is your new keys to login:\n\n";
+	        $mesg.= $langs->trans("Login")." : $this->login\n";
+	        $mesg.= $langs->trans("Password")." : $password\n\n";
+			$mesg.= "\n";
+	        $url = "http://".$_SERVER["HTTP_HOST"].DOL_URL_ROOT;
+			$mesg.= '<a href="'.$url.'">Go to Dolibarr</a>'."\n\n";
+	        $mesg.= "--\n";
+	        $mesg.= $user->fullname;	// Username that make then sending
+		}
+		else
+		{
+			$mesg.= "A request to change your Dolibarr password has been received.\n";
+	        $mesg.= "Your new key to login will be:\n\n";
+	        $mesg.= $langs->trans("Login")." : $this->login\n";
+			$mesg.= $langs->trans("Password")." : $password\n\n";
+			$mesg.= "\n";
+			$mesg.= "You must click on the folowing link to validate its change.\n";
+	        $url = "http://".$_SERVER["HTTP_HOST"].DOL_URL_ROOT.'/user/passwordforgotten.php?action=validatenewpassword&username='.$this->login."&passwordmd5=".md5($password);
+			$mesg.= '<a href="'.$url.'">Validate my new password</a>'."\n\n";
+			$mesg.= "If you didn't ask anything, just forget this email\n\n";
+			dolibarr_syslog("User::send_password url=".$url);
+		}
         $mailfile = new CMailFile($subject,$this->email,$conf->email_from,$mesg,
         							array(),array(),array(),
         							'', '', 0, $msgishtml);
@@ -1087,6 +1132,7 @@ class User
         else
         {
             $this->error=$langs->trans("ErrorFailedToSendPassword");
+			//print nl2br($mesg);
             return -1;
         }
     }
diff --git a/htdocs/user/passwordforgotten.php b/htdocs/user/passwordforgotten.php
new file mode 100644
index 00000000000..e00c7f199a7
--- /dev/null
+++ b/htdocs/user/passwordforgotten.php
@@ -0,0 +1,234 @@
+<?php
+/* Copyright (C) 2007 Laurent Destailleur  <eldy@users.sourceforge.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ * $Id$
+ * $Source$
+ */
+
+/**     
+        \file       htdocs/user/fiche.php
+        \brief      Onglet user et permissions de la fiche utilisateur
+        \version    $Revision$
+*/
+
+require("../master.inc.php");
+require_once(DOL_DOCUMENT_ROOT."/contact.class.php");
+require_once(DOL_DOCUMENT_ROOT."/lib/ldap.class.php");
+require_once(DOL_DOCUMENT_ROOT."/lib/usergroups.lib.php");
+
+$user->getrights('user');
+
+$langs->load("main");
+$langs->load("other");
+$langs->load("users");
+$langs->load("companies");
+$langs->load("ldap");
+
+$action=isset($_GET["action"])?$_GET["action"]:$_POST["action"];
+$mode=$dolibarr_main_authentication;
+if (! $mode) $mode='http';
+
+
+/**
+ * Actions
+ */
+
+// Action modif mot de passe
+if ($_GET["action"] == 'validatenewpassword' && $_GET["username"] && $_GET["passwordmd5"])
+{
+    $edituser = new User($db);
+    $result=$edituser->fetch($_GET["username"]);
+	if ($result < 0)
+	{
+        $message = '<div class="error">'.$langs->trans("ErrorLoginDoesNotExists",$_GET["username"]).'</div>';
+	}
+	else
+	{
+		if (md5($edituser->pass_temp) == $_GET["passwordmd5"])
+		{
+			$newpassword=$edituser->password($user,$edituser->pass_temp,$conf->password_encrypted,0);
+			dolibarr_syslog("passwordforgotten.php new password saved in database");
+			//session_start();
+			//$_SESSION["loginmesg"]=$langs->trans("PasswordChanged");
+			header("Location: ".DOL_URL_ROOT.'/');
+			exit;
+		}
+		else
+		{
+	        $message = '<div class="error">'.$langs->trans("ErrorFailedToValidatePassword").'</div>';
+		}
+	}
+}
+// Action modif mot de passe
+if ($_POST["action"] == 'buildnewpassword' && $_POST["username"])
+{
+    $edituser = new User($db);
+    $result=$edituser->fetch($_POST["username"]);
+	if ($result < 0)
+	{
+        $message = '<div class="error">'.$langs->trans("ErrorLoginDoesNotExists",$_POST["username"]).'</div>';
+	}
+	else
+	{
+		if (! $edituser->email)
+		{
+	        $message = '<div class="error">'.$langs->trans("ErrorLoginHasNoEmail").'</div>';
+		}
+		else
+		{
+			$newpassword=$edituser->password($user,'',$conf->password_encrypted,1);
+		    if ($newpassword < 0)
+		    {
+		        // Echec
+		        $message = '<div class="error">'.$langs->trans("ErrorFailedToChangePassword").'</div>';
+		    }
+		    else 
+		    {
+		        // Succes
+		        if ($edituser->send_password($user,$newpassword,1) > 0)
+				{
+					$message = '<div class="ok">'.$langs->trans("PasswordChangedAndSentTo",$edituser->email).'</div>';
+					//$message.=$newpassword;
+				}
+				else
+				{
+					//$message = '<div class="ok">'.$langs->trans("PasswordChangedTo",$newpassword).'</div>';
+					$message.= '<div class="error">'.$edituser->error.'</div>';
+				}
+		    }
+		}
+	}
+}
+
+
+
+/*
+ * Affichage page
+ */
+ 
+$conf->css  = "theme/".$conf->theme."/".$conf->theme.".css";
+// Si feuille de style en php existe
+if (file_exists(DOL_DOCUMENT_ROOT.'/'.$conf->css.".php")) $conf->css.=".php";
+
+print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">'."\n";
+
+// En tete html
+print "<html>\n";
+print "<head>\n";
+print '<meta name="robots" content="noindex,nofollow">'."\n";      // Evite indexation par robots
+print "<title>Dolibarr Authentification</title>\n";
+print '<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.'/'.$conf->css.'">'."\n";
+print '<style type="text/css">'."\n";
+print '<!--'."\n";
+print '#login {';
+print '  margin-top: 70px;';
+print '  margin-bottom: 30px;';
+print '  text-align: center;';
+print '  font: 12px arial,helvetica;';
+print '}'."\n";
+print '#login table {';
+print '  border: 1px solid #C0C0C0;';
+if (file_exists(DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/img/login_background.png'))
+{
+  print 'background: #F0F0F0 url('.DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/login_background.png) repeat-x;';
+}
+else
+{
+  print 'background: #F0F0F0 url('.DOL_URL_ROOT.'/theme/login_background.png) repeat-x;';
+}
+print 'font-size: 12px;';
+print '}'."\n";
+print '-->'."\n";
+print '</style>'."\n";
+print '<script language="javascript" type="text/javascript">'."\n";
+print "function donnefocus() {\n";
+print "document.getElementsByTagName('INPUT')[0].focus();";
+print "}\n";
+print '</script>'."\n";
+print '</head>'."\n";
+
+// Body
+print '<body class="body" onload="donnefocus();">';
+
+// Form
+print '<form id="login" action="'.$_SERVER["PHP_SELF"].'" method="post" name="login">';
+print '<input type="hidden" name="action" value="buildnewpassword">';
+
+// Table 1
+print '<table cellpadding="0" cellspacing="0" border="0" align="center" width="400">';
+if (file_exists(DOL_DOCUMENT_ROOT.'/logo.png'))
+{
+  print '<tr><td colspan="3" style="text-align:center;">';
+  print '<img src="/logo.png"></td></tr>';
+}
+else
+{
+  print '<tr class="vmenu"><td align="center">Dolibarr '.DOL_VERSION.'</td></tr>';
+}
+print '</table>';
+print '<br>';
+
+// Table 2
+print '<table cellpadding="2" align="center" width="400">';
+
+print '<tr><td colspan="3">&nbsp;</td></tr>';
+
+print '<tr><td align="left"> &nbsp; <b>'.$langs->trans("Login").'</b>  &nbsp;</td>';
+$disabled='disabled';
+if ($mode == 'dolibarr') $disabled='';
+
+print '<td><input '.$disabled.' name="username" class="flat" size="15" maxlength="25" value="" tabindex="1" /></td>';
+
+// Affiche logo du theme si existe, sinon logo commun
+if (file_exists(DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/img/login_logo.png'))
+{
+	print '<td><img src="'.DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/login_logo.png"></td>';
+}
+else
+{
+	print '<td><img src="'.DOL_URL_ROOT.'/theme/login_logo.png"></td>';
+}
+
+print '</tr>';
+
+
+print "<tr>".'<td align="center" colspan="3"><input class="button" value="'.$langs->trans("SendNewPassword").'" type="submit"></td></tr>';
+print "</table>\n";
+
+print "</form>";
+
+print '<center>';
+if ($mode == 'dolibarr')
+{
+	print $langs->trans("SendNewPasswordDesc").'<br>';
+}
+else
+{
+	print '<div class="warning">'.$langs->trans("AuthenticationDoesNotAllowSendNewPassword",$mode).'</div>';
+}
+print '<br>';
+if ($message) { print $message.'<br>'; }
+print '<a href="'.DOL_URL_ROOT.'/">'.$langs->trans("BackToLoginPage").'</a>';
+print '</center>';
+
+print "<br>";
+print "<br>";
+
+
+// Fin entete html
+print "\n</body>\n</html>";
+?>
\ No newline at end of file
diff --git a/mysql/migration/2.1.0-2.2.0.sql b/mysql/migration/2.1.0-2.2.0.sql
index 450afe09d74..769ecd70300 100644
--- a/mysql/migration/2.1.0-2.2.0.sql
+++ b/mysql/migration/2.1.0-2.2.0.sql
@@ -546,6 +546,7 @@ ALTER TABLE `llx_socpeople` CHANGE `fk_user_create` `fk_user_creat` INT(11) NULL
 -- V4 ALTER TABLE llx_socpeople ADD INDEX idx_fk_user_creat (fk_user_creat);
 -- V4 ALTER TABLE llx_socpeople ADD CONSTRAINT fk_socpeople_user_creat_user_rowid FOREIGN KEY (fk_user_creat) REFERENCES llx_user (rowid);
 
+ALTER TABLE llx_user add pass_temp VARCHAR(32) NULL after pass_crypted;
 
 drop table if exists llx_soc_events;
 drop table if exists llx_todocomm;
diff --git a/mysql/tables/llx_user.sql b/mysql/tables/llx_user.sql
index 98e705796cc..78bb548f732 100644
--- a/mysql/tables/llx_user.sql
+++ b/mysql/tables/llx_user.sql
@@ -30,6 +30,7 @@ create table llx_user
   login             varchar(24) NOT NULL,
   pass              varchar(32),
   pass_crypted      varchar(128),
+  pass_temp         varchar(32),			-- temporary password when asked for forget password
   name              varchar(50),
   firstname         varchar(50),
   office_phone      varchar(20),