When a user registers or carries out a password reset they must choose and enter a new password.
They will receive an email similar to below, which has a unique button and link that opens up the password reset page.
NOTES:
Each time a password reset email is sent, the reset code is changed, making any older emails invalid. Only use the latest email links to reset passwords
Confirm that the member is using the email address stored in the system, some email providers allow for variations of email addresses, for example, Google email addresses can be someone@gmail.com and someone@googlemail.com.
Shown below is the standard password reset/registration form.
NOTE: If the member gets directed to the normal members area login page when they click on the password reset link please ask them to click the link again so that they see the form below.
A password strength meter is shown when a password is entered to inform the member whether their chosen password:
- Is not a commonly used password on the Internet (eg qwerty12 or 12345678)
- Meets the minimum 7 character length
- Includes letters, numbers and symbols (such as 1 % £ etc)
- Both passwords entered match each other
Pressing or hovering over the Help button at the bottom of the form will show further guidance.
An example of an insecure password is shown below, the help text and strength meter will provide guidance on whether the password meets the required criteria.
Additionally, if the password does not meet the minimum requirements then the Submit button is disabled.
Pressing the eye icon to the right of the password entry section will show/hide the entered password, this is useful for confirming that the password entered is the password that you think you have entered.
If a password meets the minimum requirements set above then the Submit button will be enabled and the member can set their new password.
Comments
0 comments
Article is closed for comments.