[Cosmo-dev] "Forgot Password" workflow

Jared Rhine jared at wordzoo.com
Thu Feb 15 14:39:29 PST 2007


Randy Letness wrote:
> 1. User enters email address
> 2. service sends email asking if user wants to reset
> 3. user clicks on link in email to reset

I've asked Todd about their experiences with Foxmarks password management. 
A couple of take-aways for me:

- Password "reset" is all well and good, but the process isn't complete 
until the user has changed their password again.  They aren't going to 
remember just a reset password, and the places they have a password 
entered (like Chandler account dialog) need to be updated too.

So question: instead of "click a link to reset", would it be better to 
"click a link to go to a page where the user can enter a new password"? 
After the password change form, they should be logged right in.

We might even want to remind them that their clients need to be in sync.

- Their overall approach is to have the "link in an email" log the user 
into the system temporarily (30 minutes), where they are encouraged to 
change their password.  The idea here is that the user might be at a web 
browser and want to check their Foxmarks web page, but not be at the 
computer where their client needs to be configured.  Once they are 
"temporarily logged in", they can poke around to find their username too.

I tend to think that the above approach of "click here to change your 
password", forcing a password change, and then being logged-in 
accomplishes the same effect.

However, "forcing a password change" doesn't cover the case that 
Foxmarks' design does, of where they are trying to access the web UI and 
have just forgotten their password.  They get temporary web UI access by 
clicking on the link, and they can just leave their client as it is 
(since their client probably has the right password).

At first, I thought "temporary login without a password change" would be 
a pain, but it might just be granting credentials in the web session. 
Does anyone see this as preferable?  I can see it being nice to get 
access to your account, temporarily, without having to reset your 
password at all.

I want to take Todd's feedback very seriously, as he's had recent 
experience with the hassle of password changes for hundreds of thousands 
of users, and their design is tuned to their experience.  But the 
context is of course somewhat different than Cosmo/osaf.us.

Seems like the fancy, uber-design for lost password is something like:

* Enter either a username or password
* Service sends email with a link for temporary login
* User clicks on temporary login link
* User gets a special page saying they have temporary access and if they 
want to change their password, click here.
* User can just use the UI without changing their password
* If the user opts to change their password, they get a reminder that 
they will need to change the password in any clients they use

It'd be nice if there was a dedicated "change password" form instead of 
reusing the "settings" dialog.

-- Jared
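As an added example (not code from this thread, Cosmo or Foxmarks), a minimal Python sketch of the six-step flow above: the emailed link carries a single-use secret that the service stores only as a hash, redeeming it opens a 30-minute temporary session, and changing the password from that session is optional. Account, PasswordRecovery, TOKEN_TTL and the in-memory stores are assumed names; a real service would keep them in a database.

```python
import hashlib, hmac, secrets, time
from dataclasses import dataclass
from typing import Optional
TOKEN_TTL = 30 * 60  # 30-minute window for the emailed link and the temporary session

@dataclass
class Account:
    email: str
    password_hash: str
    reset_token_hash: Optional[str] = None  # only a hash of the link secret is stored
    reset_expires: float = 0.0

def hash_password(password: str) -> str:
    salt = secrets.token_bytes(16)
    return salt.hex() + ":" + hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000).hex()

def _hash_token(token: str) -> str:
    return hashlib.sha256(token.encode()).hexdigest()

class PasswordRecovery:
    def __init__(self, accounts, now=time.time):
        self.accounts = {a.email: a for a in accounts}
        self.sessions = {}  # session id -> {"email", "expires", "temporary"}
        self.now = now      # injectable clock so expiry can be exercised in a test
    def request_reset(self, email: str) -> Optional[str]:
        # Steps 1-2: mint a single-use secret for the link; None for an unknown address, but the page shown to the user must look the same either way
        acct = self.accounts.get(email)
        if acct is None:
            return None
        token = secrets.token_urlsafe(32)
        acct.reset_token_hash = _hash_token(token)
        acct.reset_expires = self.now() + TOKEN_TTL
        return token  # a real service puts this in the emailed link and never logs it
    def redeem_link(self, email: str, token: str) -> Optional[str]:
        # Step 3: the link logs the user into a temporary session; the secret is rejected after TOKEN_TTL and consumed on first use
        acct = self.accounts.get(email)
        stored = acct.reset_token_hash if acct else None
        if stored is None or self.now() > acct.reset_expires or not hmac.compare_digest(stored, _hash_token(token)):
            return None
        acct.reset_token_hash = None  # single use
        sid = secrets.token_urlsafe(16)
        self.sessions[sid] = {"email": email, "expires": self.now() + TOKEN_TTL, "temporary": True}
        return sid
    def change_password(self, sid: str, new_password: str) -> bool:
        # Optional step: changing the password turns the temporary session into an ordinary one, so the user ends up "logged right in"
        sess = self.sessions.get(sid)
        if sess is None or self.now() > sess["expires"]:
            return False
        self.accounts[sess["email"]].password_hash = hash_password(new_password)
        sess["temporary"] = False
        return True
```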

