Customer Portal - Reset Password

1. Security

1.1. token is more than 25 characters

1.2. token expires in 24 hours

1.3. token can be used only once

1.4. new table PasswordBreachStats

1.4.1. UserId: userID of account

1.4.2. Strength: will always be 2 based on code
   - weak password value: score = <4
   - good password: score = <7
   - strong password: score = >7

1.4.3. NumberofBreaches

1.4.4. AccountCreatedonUTC: time account is created

1.4.5. PasswordGeneratedOnUtc: time password is created; will be updated when reset password functionality is used

1.4.6. only log users with weak passwords
   - if user originally has a strong password and changes to a weak one: data inserted into table
   - if user originally has a weak password and updates to a strong one: do not update passwordgeneratedonutc column
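
One way to implement and check items 1.1 to 1.3 (token length, 24-hour expiry, single use). This is an added example, not the portal's code: `ResetTokenStore`, its method names, the in-memory dict and the choice to store only a SHA-256 digest of the token are assumptions.

```python
import hashlib
import secrets
from datetime import datetime, timedelta, timezone

TOKEN_TTL = timedelta(hours=24)  # item 1.2: token expires in 24 hours


class ResetTokenStore:
    """In-memory stand-in for a reset-token table (hypothetical)."""

    def __init__(self):
        self._rows = {}  # sha256(token) -> (user_id, expires_at)

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, user_id, now):
        # 32 random bytes encode to 43 URL-safe characters (item 1.1: > 25)
        token = secrets.token_urlsafe(32)
        self._rows[self._digest(token)] = (user_id, now + TOKEN_TTL)
        return token

    def redeem(self, token, now):
        """Return the user id for a valid token, else None."""
        # pop() deletes the row on first lookup, so a replay finds nothing (item 1.3)
        row = self._rows.pop(self._digest(token), None)
        if row is None:
            return None
        user_id, expires_at = row
        return user_id if now < expires_at else None


def run_checks():
    """The security test cases from section 1, run against the store."""
    t0 = datetime(2024, 1, 1, tzinfo=timezone.utc)  # constructed clock value
    store = ResetTokenStore()
    tok = store.issue("user-1", t0)
    late = store.issue("user-1", t0)
    return {
        "length_ok": len(tok) > 25,
        "first_use": store.redeem(tok, t0 + timedelta(hours=1)),
        "second_use": store.redeem(tok, t0 + timedelta(hours=2)),
        "expired": store.redeem(late, t0 + timedelta(hours=24, seconds=1)),
        "unknown": store.redeem("x" * 43, t0),
    }


if __name__ == "__main__":
    print(run_checks())
```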

2. UI

3. Functionality

3.1. fields empty

3.1.1. all fields empty: proper error messages are displayed

3.1.2. one of the fields is empty

3.1.3. 21648

3.2. Correct username

3.2.1. only one account
   - one email
      - customer enters email that matches the verified email attached to this account
      - customer enters email that matches a verified email that belongs to another customer
      - customer enters email that does not exist as a verified email in Accounts table
   - many emails but only one verified
      - customer enters one of the client's unverified emails
      - customer enters the verified email

3.2.2. Many Accounts
   - all accounts verified
      - one email
      - many emails
   - some of the accounts are not verified
      - customer can reset password on activated account emails
      - customer cannot reset password on non-activated account emails

3.2.3. reset password for closed account

3.2.4. reset password for unauthorized account

3.3. wrong values

3.3.1. wrong username and correct email: please check your email screen

3.3.2. correct username and wrong email: please check your email screen; email is sent to the email used during registration - chong is fixing it

3.3.3. both email and username do not exist: please check your email screen

3.4. Email validations

3.4.1. error is displayed for the following emails: x, [email protected], [email protected], [email protected], [email protected], [email protected]

3.4.2. dot, - and _ are accepted in email id

3.4.3. 21650

3.4.4. error messages should be displayed on focus out and click next

3.5. Email screen

3.5.1. Resend will send same code if not expired

3.5.2. contact us modal

3.6. Received email

3.6.1. Reset link

3.6.2. correct username

3.6.3. copy link

3.7. password validations

3.7.1. New & Confirm Password
   - should not accept less than 8 characters
   - should accept any 8 characters
   - should match new and confirm password
   - error message should be displayed without clicking save button
   - accepts complicated and long passwords: p`[email protected]#o$r%d^&*()_-+='";:,.<>123
   - should not accept above the maximum used in registration (40 characters)
   - eye icon to mask and unmask password should be visible

3.8. password reset should reset password failed counter

3.8.1. pswfailedcounter in db is 0

3.8.2. user can login with the new password

3.8.3. user cannot login with old password

3.8.4. IPB-21665