diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 19434cd..570fc77 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -2,4 +2,10 @@ class ApplicationController < ActionController::Base
   rescue_from DeviseLdapAuthenticatable::LdapException do |exception|
     render :text => exception, :status => 500
   end
+
+  def require_user_signed_in
+    unless user_signed_in?
+      redirect_to welcome_path and return
+    end
+  end
 end
diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb
new file mode 100644
index 0000000..cbcbe43
--- /dev/null
+++ b/app/controllers/dashboard_controller.rb
@@ -0,0 +1,6 @@
+class DashboardController < ApplicationController
+  before_action :require_user_signed_in
+
+  def index
+  end
+end
diff --git a/app/controllers/settings_controller.rb b/app/controllers/settings_controller.rb
index b9adfb9..ba639d2 100644
--- a/app/controllers/settings_controller.rb
+++ b/app/controllers/settings_controller.rb
@@ -1,4 +1,13 @@
 class SettingsController < ApplicationController
+  before_action :require_user_signed_in
+
   def index
   end
+
+  def reset_password
+    current_user.send_reset_password_instructions
+    sign_out current_user
+    msg = "We have sent you an email with a link to reset your password."
+    redirect_to check_your_email_path, notice: msg
+  end
 end
diff --git a/app/controllers/welcome_controller.rb b/app/controllers/welcome_controller.rb
index 5aaad05..bba7940 100644
--- a/app/controllers/welcome_controller.rb
+++ b/app/controllers/welcome_controller.rb
@@ -1,7 +1,10 @@
 class WelcomeController < ApplicationController
   def index
     if user_signed_in?
-      redirect_to settings_path and return
+      redirect_to root_path and return
     end
   end
+
+  def reset_password_check_email
+  end
 end
diff --git a/app/helpers/dashboard_helper.rb b/app/helpers/dashboard_helper.rb
new file mode 100644
index 0000000..a94ddfc
--- /dev/null
+++ b/app/helpers/dashboard_helper.rb
@@ -0,0 +1,2 @@
+module DashboardHelper
+end
diff --git a/app/views/dashboard/index.html.erb b/app/views/dashboard/index.html.erb
new file mode 100644
index 0000000..e43169e
--- /dev/null
+++ b/app/views/dashboard/index.html.erb
@@ -0,0 +1,9 @@
+<h2>Dashboard</h2>
+<p>Ohai.</p>
+
+<h3>Password change</h3>
+<p>
+  <%= form_with(url: settings_reset_password_path, method: :post) do %>
+    <%= submit_tag("Send me a password reset link") %>
+  <% end %>
+</p>
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index 9b8f091..29e9bd3 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -16,9 +16,12 @@
         Signed in as <strong><%= current_user.cn %>@kosmos.org</strong>.
         <%= link_to "Log out", destroy_user_session_path, method: :delete %>
       </p>
-      <% flash.each do |type, msg| %>
+    <% end %>
+
+    <% flash.each do |type, msg| %>
+      <div class="flash-msg-<%= type %>">
         <p><%= msg %></p>
-      <% end %>
+      </div>
     <% end %>
 
     <%= yield %>
diff --git a/app/views/settings/index.html.erb b/app/views/settings/index.html.erb
index e71f943..c8c990b 100644
--- a/app/views/settings/index.html.erb
+++ b/app/views/settings/index.html.erb
@@ -1,4 +1 @@
-<h3>Password reset</h3>
-<p>
-  <%= link_to "Reset my password" %>
-</p>
+<h2>Settings</h2>
diff --git a/app/views/welcome/check_your_email.html.erb b/app/views/welcome/check_your_email.html.erb
new file mode 100644
index 0000000..77c0c9f
--- /dev/null
+++ b/app/views/welcome/check_your_email.html.erb
@@ -0,0 +1,3 @@
+<p>
+  You can close this window or tab now.
+</p>
diff --git a/config/locales/devise.en.yml b/config/locales/devise.en.yml
index ab1f070..80a7e4b 100644
--- a/config/locales/devise.en.yml
+++ b/config/locales/devise.en.yml
@@ -34,7 +34,7 @@ en:
       no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided."
       send_instructions: "You will receive an email with instructions on how to reset your password in a few minutes."
       send_paranoid_instructions: "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
-      updated: "Your password has been changed successfully. You are now signed in."
+      updated: "Your password has been changed successfully."
       updated_not_active: "Your password has been changed successfully."
     registrations:
       destroyed: "Bye! Your account has been successfully cancelled. We hope to see you again soon."
@@ -46,9 +46,9 @@ en:
       updated: "Your account has been updated successfully."
       updated_but_not_signed_in: "Your account has been updated successfully, but since your password was changed, you need to sign in again"
     sessions:
-      signed_in: "Signed in successfully."
-      signed_out: "Signed out successfully."
-      already_signed_out: "Signed out successfully."
+      signed_in: ""
+      signed_out: ""
+      already_signed_out: ""
     unlocks:
       send_instructions: "You will receive an email with instructions for how to unlock your account in a few minutes."
       send_paranoid_instructions: "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes."
diff --git a/config/routes.rb b/config/routes.rb
index c9945d1..2985ea7 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -2,14 +2,17 @@ Rails.application.routes.draw do
   devise_for :users
 
   get 'settings', to: 'settings#index'
+  post 'settings_reset_password', to: 'settings#reset_password'
+
+  get 'welcome', to: 'welcome#index'
+  get 'check_your_email', to: 'welcome#check_your_email'
 
   get 'ldap_users', to: 'ldap_users#index'
 
-
   # Letter Opener (open "sent" emails in dev and staging)
   if Rails.env.match(/staging|development/)
     mount LetterOpenerWeb::Engine, at: "letter_opener"
   end
 
-  root to: 'welcome#index'
+  root to: 'dashboard#index'
 end
diff --git a/spec/helpers/dashboard_helper_spec.rb b/spec/helpers/dashboard_helper_spec.rb
new file mode 100644
index 0000000..12cff9a
--- /dev/null
+++ b/spec/helpers/dashboard_helper_spec.rb
@@ -0,0 +1,15 @@
+require 'rails_helper'
+
+# Specs in this file have access to a helper object that includes
+# the DashboardHelper. For example:
+#
+# describe DashboardHelper do
+#   describe "string concat" do
+#     it "concats two strings with spaces" do
+#       expect(helper.concat_strings("this","that")).to eq("this that")
+#     end
+#   end
+# end
+RSpec.describe DashboardHelper, type: :helper do
+  pending "add some examples to (or delete) #{__FILE__}"
+end
diff --git a/spec/requests/dashboard_request_spec.rb b/spec/requests/dashboard_request_spec.rb
new file mode 100644
index 0000000..5d12092
--- /dev/null
+++ b/spec/requests/dashboard_request_spec.rb
@@ -0,0 +1,12 @@
+require 'rails_helper'
+
+RSpec.describe "Dashboards", type: :request do
+
+  describe "GET /index" do
+    it "returns http success" do
+      get "/dashboard/index"
+      expect(response).to have_http_status(:success)
+    end
+  end
+
+end
diff --git a/spec/views/dashboard/index.html.erb_spec.rb b/spec/views/dashboard/index.html.erb_spec.rb
new file mode 100644
index 0000000..d9dbe04
--- /dev/null
+++ b/spec/views/dashboard/index.html.erb_spec.rb
@@ -0,0 +1,5 @@
+require 'rails_helper'
+
+RSpec.describe "dashboard/index.html.erb", type: :view do
+  pending "add some examples to (or delete) #{__FILE__}"
+end