Secure password resets that reach the inbox

Name: Stack0
Price: 5 USD
Author: Stack0

Send password reset emails instantly with priority delivery. Expiring tokens, rate limiting guidance, and full tracking for security-critical flows.

Priority DeliveryHigh DeliverabilityDelivery Tracking

Send Secure Reset Emails View Docs

import { Stack0 } from '@stack0/sdk'
import crypto from 'crypto'
 
const stack0 = new Stack0({ apiKey: process.env.STACK0_API_KEY })
 
// Send password reset email
export async function sendPasswordResetEmail(user: User) {
  // Generate secure token (store hash in DB with expiry)
  const token = crypto.randomBytes(32).toString('hex')
  const resetUrl = `https://app.yourdomain.com/reset?token=${token}`
 
  await stack0.mail.send({
    from: 'security@yourdomain.com',
    to: user.email,
    subject: 'Reset your password',
    templateId: 'password-reset',
    templateVariables: {
      name: user.name,
      resetUrl,
      expiresIn: '1 hour',
    },
    // Priority delivery for security emails
    priority: 'high',
  })
 
  return { token, expiresAt: Date.now() + 3600000 }
}

Features

What's included

Priority Sending

Security emails bypass standard queues. Delivered in seconds.

Template Variables

Use {{name}}, {{resetUrl}}, {{expiresIn}} in templates. Preview with test data.

Delivery Tracking

Know exactly when emails are delivered. Debug delivery issues fast.

Bounce Handling

Invalid emails automatically suppressed. Keep your sender reputation clean.

Expiry Support

Display token expiry in emails. Guide users with clear time limits.

Security Headers

Proper SPF, DKIM, and DMARC setup. Pass security filters.

Why Stack0

Built for production

Priority delivery

Security emails sent with highest priority. Users get reset links in seconds, not minutes.

High deliverability

Password reset emails that actually reach the inbox. Not the spam folder.

Template variables

Personalize with user name, expiry time, and custom branding. Make it feel secure.

Delivery tracking

Know when reset emails are delivered and opened. Debug issues quickly.

TypeScript SDK

Full type safety for security-critical code. Catch errors before they reach production.

Simple pricing

$0.50 per 1,000 emails. No premium for priority delivery.

Applications

Common implementations

Forgot Password Flow

Standard password recovery when users forget their credentials.

Security Alert Reset

Force password reset after suspicious activity detection.

Account Recovery

Help users regain access after being locked out.

Password Expiry

Prompt users to update passwords that meet expiry policies.

FAQ

Frequently asked questions

Password reset emails with priority: 'high' are delivered within 1-3 seconds. We prioritize security-critical emails to ensure users can regain account access immediately.

Use cryptographically secure random bytes (like crypto.randomBytes in Node.js). Store a hash of the token in your database with an expiration time. Verify the hash when the user clicks the reset link.

We recommend 1 hour for password reset tokens. This balances security with user convenience. Display the expiration time in your email so users know how long they have.

Implement rate limiting on your reset endpoint (e.g., max 3 requests per email per hour). Don't confirm whether an email exists in your system to prevent enumeration attacks.

Yes. Use delivery webhooks or poll the message status endpoint. This helps identify deliverability issues that might prevent users from receiving reset links.

Ready to build?

Plans start at $5/month.

Get Started