GOb2b Ideas Portal
Add a new idea Subscribe
Status Shipped
Workspace Web Site
Created by Guest
Created on Mar 27, 2024

RELATED IDEAS

Implement a proper 'forgot password' feature

Currently we send passwords in plain text over email if you try the forgot password process which is a horrible security practice - common practice many many years ago but these days the standard is to email a one-time-use/expiring link that allows users change their password.

  • Attach files
  • Jeff Ivey
    Reply
    |     Dec 6, 2024

    Thanks!

  • Jen Hogg
    Reply
    |     Dec 6, 2024

    Love it!

  • Steve Champion
    Reply
    |     Dec 6, 2024

    Love it!

  • Anna Roszak
    Reply
    |     Aug 9, 2024

    Please see my idea for how to properly implement this feature, by making the password that arrives by email a temporary password and redirecting to the "Change Your Password" page right after login.

    https://gob2b.ideas.aha.io/ideas/LFE-I-75

3 MERGED

Streamlined Password Recovery Journey

Merged
As of now, every time a customer gets a new (random and unsecure) password sent via email, they are able to login with it straight away, with no signposting towards how they can actually reset their password to a memorable one. My idea is that aft...
Anna Roszak 9 months ago in Web Site 0 Shipped