- Password Security Rules: The new password field can enforce criteria such as minimum length and the use of special characters.
- Password Re-entry Check: A match check can be performed with two fields such as txtNewPassword and txtRepeatPassword.
- Password Reset Notification: A notification message such as ‘Your password has been successfully changed’ can be displayed with the Notify action.
Technical Risks and Controls
- Empty or Invalid Password Entry: Form validation should prevent users from leaving the new password field blank and ensure that the entered password complies with the specified rules.
- Notification Setting Control: If the Don't Send Email parameter is unintentionally left set to true, the user's password may be changed without any notification being sent.
- Code Security: This action should only be triggered for verified users. Otherwise, account security may be compromised.
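The three controls above can be combined into one pre-submit check. The following is an added example in plain JavaScript, not the platform's own code or API; the function name, result codes, minimum length of 12 and special-character pattern are assumptions chosen for illustration.

```javascript
// Added example, plain JavaScript; not the platform's own API.
// MIN_LENGTH and the special-character pattern are assumed policy values.
const MIN_LENGTH = 12;
const SPECIAL = /[^A-Za-z0-9\s]/; // anything that is not an ASCII letter, digit or whitespace

function checkPasswordReset({ txtNewPassword, txtRepeatPassword, dontSendEmail, userVerified }) {
  const errors = [];
  const warnings = [];
  const pw = typeof txtNewPassword === "string" ? txtNewPassword : "";
  const repeat = typeof txtRepeatPassword === "string" ? txtRepeatPassword : "";

  // Code Security: refuse to run the reset for a caller who has not been verified.
  if (userVerified !== true) errors.push("USER_NOT_VERIFIED");

  // Empty or Invalid Password Entry: whitespace-only input counts as blank.
  if (pw.trim() === "") {
    errors.push("PASSWORD_EMPTY");
  } else {
    // Count code points so a surrogate pair is one character, not two.
    if ([...pw].length < MIN_LENGTH) errors.push("PASSWORD_TOO_SHORT");
    if (!SPECIAL.test(pw)) errors.push("PASSWORD_NEEDS_SPECIAL_CHAR");
    // Password Re-entry Check: normalize so equivalent Unicode input compares equal.
    if (pw.normalize("NFC") !== repeat.normalize("NFC")) errors.push("PASSWORD_MISMATCH");
  }

  // Notification Setting Control: a silent reset must be a deliberate choice.
  if (dontSendEmail === true) warnings.push("NO_NOTIFICATION_EMAIL");

  return { ok: errors.length === 0, errors, warnings };
}

// Constructed sample submissions (not taken from a real form).
const samples = [
  { txtNewPassword: "Correct-Horse-42", txtRepeatPassword: "Correct-Horse-42", dontSendEmail: false, userVerified: true },
  { txtNewPassword: "   ", txtRepeatPassword: "   ", dontSendEmail: false, userVerified: true },
  { txtNewPassword: "Correct-Horse-42", txtRepeatPassword: "Correct-Horse-43", dontSendEmail: true, userVerified: true },
  { txtNewPassword: "abc123", txtRepeatPassword: "abc123", dontSendEmail: false, userVerified: false },
];
for (const s of samples) console.log(JSON.stringify(checkPasswordReset(s)));
```

Client-side checks like this improve feedback to the user, but the same rules need to be enforced wherever the reset is actually executed, since form validation can be bypassed.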
Password Reset Action allows users to reset their lost or forgotten passwords and securely return to the system. With its customisable parameters, it enhances user experience and supports application security. It can be used effectively in password verification processes and multi-factor authentication scenarios.