Previously in Control, one of the major support challenges occurred when users lost their password. Though another administrative user could reset their password, many choose to call Cyrious Support for assistance in resetting their password.

The purpose of this specification is to provide the user with a way to reset their own password, utilizing the email address for the user in the system. A reset code is sent to the users email and that code may be entered to allow the user to reset her or his password.

Beneath the password box on the user login screen, a new “hyperlink” label is added that says _ckgedit_QUOT_Forgot Your Password?“.

When the user clicks “Forgot Your Password”, the login screen expands to show new fields.

The user can enter the following information and click “Send Reset Email”. (Note: The “Send Reset Email” button will not be enabled until a name and email address is entered in the Reset Code input box.)

The entered information is sent to the SSLIP for verification. If the user name and email address match those of an active user in the system (ignoring case) - the SSLIP will send email with the reset code to their Inbox. If the email and/or user name don't match, the following error message is displayed:

Upon receipt of an email code in their inbox, the user can copy the code into the “Reset Code” input and click “Reset Password”.

When the Reset Code is successfully entered (as verified by the SSLIP), a pop-up will be displayed allowing them to enter their new password (twice - for confirmation). The existing password is not needed in this case. As long as the new password is entered identically and meets the minimum criteria, the password is changed and login continues.

When the email reset is requested, a reset code - number between 0 and 2^20 (just over one million) - is generated. This reset code is emailed to the user with the following text:


To: {email}

From: password@cyrious.com

Subject: Control Password Reset Code

Body:

You recently requested a reset code for Cyrious Control. The reset code is {reset code} . Enter this number in the password reset code box in Control. It expires at midnight of {today}.

If you did not request this password reset, please contact your system administrator. If you did request this password reset but continue to have problems with your password, contact Cyrious Support at support@cyrious.com, 1-225-752-2867, or 1-888-552-9823.

Requested from: {Windows Name} on {Computer Name} at {Public IP}

{datetime}


The email is sent using SMTP using smtp.gmail.com:587 username password@cyrious.com

.

You could leave a comment if you were logged in.