There are two situations where a user can reset their password. They might have forgotten it, or might want to update it once logged in.
Reset a Forgotten Password
The reset password form can be used by a user to reset their password when they know their username. The user enters their username (which will generally be their email address) and the form searches for any accounts that have a login with that username. If an account is found the user is emailed a PIN which they can enter to proceed to the reset password page.
If more than one account is found with the supplied username as a login, an error will be displayed, advising the user to contact you. This is unlikely to happen as the registration process checks for duplicates and won't let a user register if an account already has their email address as a login.
The standard form we provide is called CITIZENRESETPASSWORDEXAMPLE. it should be published on an article using the Forms Service template, and that article picked as a "utility article" in the article extras of your Authentication article.
Changing a Password
Once a user has logged in they may want to change their password. This form is usually made available to users via the My Account template.
The change password form can only be used if the user has logged in with an iCM site user, it will display an error message if the user has logged in with another provider (Google or Facebook for example).
If a user enters their current password incorrectly, the password update will fail. If they fail five times in a row the user is prompted to reset their password instead, although this is unlikely to happen as the user will have only recently logged in.
Once a password has been changed the user is sent a confirmation email.
The standard form we provide is called CITIZENCHANGEPASSWORDEXAMPLE.
Share this page
