If the user selects the option to “Reset password”, a new page will be loaded with a single panel containing fields to confirm the reset process.
- The user must enter an email address with a valid format / structure as mandatory.
- The user must enter their surname as a means to confirm their identity.
The form footer has two buttons, one to “Cancel” the request and return to the login form as the second to submit the request, titled, “Reset Password”.
Validation is completed after the user selects the “Reset Password” button. Once the form is submitted back to the server, additional checks will be run to verify that the email address submitted is valid and other intrusion detection processes. If the email address check fails (i.e. not a registered email address), the original form is re-posted with the field highlighted and a suitable message displayed.
If fully validated, the account is marked as “pending”, a reset email is issued and a “success panel” is displayed with the following information:
