yes, the primary key column should not have a binding.
yes, you can create the update page manually, it;s just like any other update page.
create a recordset that filters the user ID column with the ID session variable created by the login
use that recordset to populate form elements.
add the update record server behavior, use the UserID session as the primary key value to tell what record to update.
no, the random password session is saved to the randomSting column:
Since we have this fancy random string all created, we need to insert it into the database so we know which string is for which user.
Click Window > Server Behaviors to open the Server Behaviors panel, if it isn't open already.
Find the Server Behavior called Insert Record (users).
Double click the Server Behavior to open it.
Click the Bindings Tab.
Click randomString from the Column column.
Next to the Value field, click the lightning bolt.
Expand the Session list in the server entity dialog.
Select rpw.
Click OK.
Click the General Tab.
Clear the Go to (optionall) field in the After Insert section.
Clearing this value allows the trigger we set earlier in Universal Email to fire instead of this one.
Uncheck the Pass original querystring checkbox.
Click OK.
Save the page.
the user verification filed gets a value of 0 initially, when the link is clicked, it will get updated to 1