I suspect that might be tricky since it's a change in validator logic. Probably not a bad thing to investigate since this approach to password recovery is not uncommon.
- [web2py] How to customise the reset password function Dave H
- [web2py] Re: How to customise the reset password function pbreit
- [web2py] Re: How to customise the reset password function Anthony
