1. Are you ready for the Galaxy S20? Here is everything we know so far!

I need help with password reset process

Discussion in 'Android Apps & Games' started by Chen Cohen, Feb 9, 2019.

  1. Chen Cohen

    Chen Cohen Lurker
    Thread Starter

    Hi,

    I'm building an app and I have a few questions about "Reset Password" process
    here is the questions:
    1) When I build an email template, it will send to the user when he does a password reset process, do I need to put in the email only text or create the template as a picture, I mean if its only text so where do I put the logo of my app and the big button of "Reset your password"?
    2) Do I need to put "unsubscribe" button?
    3) Do I need to put message of "I did not ask to reset my password, how did this email reach me?"
    Or something like that.
    4) What happens if the user clicks the "Forgot password" button and inserts an email that does not exist in the database (in the system)?
    How do I prevent the system from sending an email to a user who does not exist?
    5) How do I create the process that when the user types his email to reset his password, the system will identify the username by email and send it directly to the email.

    Thanks for the helpers!
     


  2. lunatic59

    lunatic59 Moderati ergo sum
    Moderator

    Reset a password for what? Your game? If you are requiring a user account to play, or access advanced features, then invariable users are going to forget passwords.

    1) Either will work but a formatted email with a button might be a bit more professional than a simple text link. I see both, so it's not a big deal.
    2) No. A password reset email is not a subscription, unless you automatically subscribe the user to something by submitting a reset request. (don't do that)
    3) I would word it a little differently. "If you requested to have your password reset, here is your link to do that. If you didn't request to have your password reset, please [recommended action of someone trying to hack their account]" This is assuming you are only sending email to the account on file and not permitting redirects.
    4) Usually they should see "user not found" and either an error message or "try again".
    5) That's going to depend entirely on your database setup.
     
    Chen Cohen likes this.
  3. Chen Cohen

    Chen Cohen Lurker
    Thread Starter

    about question 5
    What actions can be performed in such a situation?

    And its a fitness app
     
  4. lunatic59

    lunatic59 Moderati ergo sum
    Moderator

    Are you the developer? Most online "memberships" make the username the email address. It makes it a lot simpler.
     
  5. Chen Cohen

    Chen Cohen Lurker
    Thread Starter

    Im sorry I was wrong, and Im not a developer

    I asked about question 3
    this is the question: Do I need to put message of "I did not ask to reset my password, how did this email reach me?"

    and you answerd that (from your answer): [recommended action of someone trying to hack their account]

    and then I asked what is the actions can be performed in such a situation?
     
    #5 Chen Cohen, Feb 9, 2019
    Last edited: Feb 9, 2019
  6. lunatic59

    lunatic59 Moderati ergo sum
    Moderator

    Oh, sorry, I thought you were talking about #5.

    There are a few options you can do for 3. First you can just notify them that someone tried to reset the password. You can suggest they reset their password or you can force them to reset it if they don't reply in [X] amount of time. If it's really a concern you might have a support number where they can call.
     
    Chen Cohen likes this.
Loading...

Share This Page

Loading...