- Form Validation Integration: The New Password field can be checked for compliance with password policies (e.g. at least one uppercase letter, special characters, minimum number of characters). This helps users create more secure passwords.
- Password Strength Indicator: You can add a Progress Bar element that shows users how strong their new password is. This visual support improves the user experience.
- Multilingual Warning and Information: Error or success messages during the verification process can be displayed in multiple languages according to the user's preferred language. It can be integrated with the Language parameter.
- Automatic Login Process (Optional): After the user sets their new password, they can optionally be logged in automatically. For this, an Encrypted Sign In action can be triggered after the Set Password With Verification Code action.
- Timeout and Code Duration Control: If the verification code expires, a redirect or action can be designed to automatically send a new code to the user (integrated with the Send Verification Code action).
- Security Log Recording: Log mechanisms can be created in the background to record password reset operations on the system side. This allows tracking which users have reset their passwords.
- User Information Masked Feedback: For security purposes, if the verification code is invalid, a general message such as ‘Code is invalid’ should be displayed, and information such as the email address to which the code was sent should not be clearly displayed.
Technical Risks and Precautions
- Incorrect Code Entry: If the verification code entered by the user is incorrect, the system should display an error message and redirect the user.
- Code Expired: If the verification codes have expired, the system should inform the user and request a new code.
- Weak Password Selection: The new password must comply with security standards (at least 8 characters, combination of letters and numbers, etc.).
- Form Validation: No action should be triggered unless all fields are filled in. If necessary, validation rules should be applied to the fields.
The ‘Set Password With Verification Code’ action enables users to securely set a new password using verified identity information within the system. As an integral part of the password reset process, this action enhances the user experience and serves as a fundamental component of a secure application workflow.
