Protect messages in online messaging system

On a website, I would like to implement a system where users can message each other. The content of the messages should be protected against attackers that are trying to read them.

My first thought was to use a public/private key pair for each user and encrypt the private key with the password of the user. In this way, a hacker gaining access to the database would not be able to decrypt the messages.

On the other hand, users frequently forget their passwords and need to reset them. This would then have the effect that all past messages are lost.

There is probably a better solution for the whole process and I am just thinking in the wrong direction. Can somebody guide me?

I'd suggest using pure access control for security.

Using public-key cryptography to protect user communication is very complicated, and have more subtle pitfalls than just users losing their message when resetting passwords.

For example, even if the communication between users are secure, you still have to protect your users from spams within your service systems. You can pre-scan the message texts sent by users before you let the other user receive it, and this is surely not doable if you encrypt user messages first.

Pure access control can get right, systems can be made secure against known attacks from hackers, you just need to spend more and constantly more effort in ensuring you follow best industry practice (e.g. using PKC to log into your administration account on the server, set DAC and MAC access control properly on your database, etc.)

Pure access control can be efficient. Using too much cryptography can complicate your security argument; but access control is often more consistent, and is efficient, both when configuring it, and when enforcing it.