Forgot password account validation

When a user uses the forgot password link, the response returned is "REQUEST WAS SUCCESSFULLY SENT! You will shortly receive an email with instructions to create a new password" regardless of whether or not the account exists in the Solarwinds Service Desk instance. This is confusing for users that think they are typing their password wrong when in fact the issue is that they don't have an account.

Suggestions:

Have a validation that checks if the email address is one file first and if not, return a message indicating that the account doesn't exist and provide the sign up link
Or if option 1 is a security risk, update the returned message to: "If the email address you provided has a {{Service Desk Name}} account, you will shortly receive an email with instructions to create a new password"

Find more posts tagged with

password reset

forgot password

Status: None

Comments

There are no comments yet

Quick Links

All Categories
Recent Posts
Activity
Unanswered
Groups
Help
Best Of