you could offer a php skript that take a new password param alters the account file. reset to a random one and send a mail. following skirpt is untested, just use this as an inspiration.
// URL http://www.example.com/user:myuser/forgot-password:1
// URL Routing http://www.example.com/forgot-password/user:myuser
if($newpassword = get('forgot-password' && $changeUser = get('user'))) {
$newPW = str::random(8);
$site->user($changeUser)->update(array(
'password' => $newPW
));
// send mail to user with new pw
$mail = $site->user($changeUser)->email();
$email = new Email(array(
'to' => $mail,
'from' => $mail,
'subject' => 'new password',
'body' => 'some text: '.$newPW
));
if($email->send()) {
echo 'The email has been sent';
} else {
echo $email->error()->message();
}
}
https://getkirby.com/docs/toolkit/api/str/random
https://getkirby.com/docs/toolkit/sending-email
https://github.com/getkirby/kirby/blob/master/core/user.php#L226