Hey group, Sorry this is so long, but I like to be explicit with my problems so as to not waste members time. I''m having a strange update problem. I''m trying to update a couple fields in a record. I''ve created a user management function in an application and I want to have the user change the temporary, assigned password the first time they login. I''ve basically followed the "Administrativia" tutorial in the "Agile Web Development" book, with a few added features. I''ve added a method (with an associated view) to the Login controller called "confirmation": Login Controller code: def confirmation if request.get? @user = User.new @id = session[:user_id] else @user = User.new(params[:user]) confirm_user = @user.user_confirmation if confirm_user redirect_to(:action => "index") flash[:notice] = "Your password has been changed." end end end Here''s my thinking about how this works. If the browser sends a get request then display the form. That works fine. The form contains three fields. One hidden field containing the "user_id" and two text fields, "password" and "password_confirmation". If the request is a "post" then get the parameters from the form and send the values to the "User" module. Create "confirm_user" using the "User" module and parameters used, with the user_confirmation method in the module. Here''s the code for that as well: Hidden "user_id" field in the RHTML file: <input id="user_id" name="user[id]" type="hidden" value="11" /> User Module code: def user_confirmation User.update_user(self.id, self.password) end def self.update_user(id, password) hashed_password = hash_password(password || "") user = User.find(id) user.update_attributes( :password => hashed_password, :confirmed_on => Time.now, :temp_password => password) end I use the "hash_password" method from the tutorial, which works great with the "add_user" method. I know changing the password is possible from the Controller, but I want to use the validation features in the module to validate the password, plus I need to hash the new password. Problem: So when I try this I can login, then I get forwarded to change my password. When I type the new password in twice and submit the form I get a RecordNotFound error "Couldn''t find User without an ID" because the "ID" is not passing to the "User" module. It shows up in the parameters of the page. Why are the parameters not passing to the module? Thanks for the help. Clint