Getting Started
Using the Dashboard
Password and username recovery
This page walks you through the different options of self-service account recovery.

Allow self-service username reminders

This setting adds a "Forgot your username?" link to the self-service login screen.
Username field on the customer login screen
When requesting a username reminder, customers are asked to provide an email address.
Email address request screen for username reminders
Username reminders work for two types of identity stores:

When both identifiers are required

Both username and email address are required by the identity store and customers can use either of them to identify themselves.
When asking for a username reminder, customers have to provide their email identifier for this type of identity store.

When only username identifier is required

Customers can only identify themselves by the username they've provided at registration.
They can still ask for a username reminder, but they have to request it to an email address they've added to their profile as basic information.
If the email address is missing from a customer's account information, administrators can add it via the Admin Console.
Disable username reminders if your application's identity store only supports the email identifier.

Allow self-service password reset

This setting adds a self-service password reset option to the login screen.
Login screen with self-service password reset option
The option is displayed after customers have successfully identified themselves by a username or email address.
In case of identity stores that only support the 'USERNAME' identifier, the password reset option is only available when a customer has a confirmed email address or phone number.
When customers request password reset,
  • they are sent a secure link to their confirmed email address or
  • they are provided with a one-time passcode via their confirmed phone number
Password reset is on the way to the customer's email address with a follow-up email-only re-request option
If customers have a confirmed email address and a confirmed phone number, they are sent a reset link by default, but can re-request password reset via phone:
Password reset is on the way to the customer's email address with follow-up email and phone re-request options
If customers only have a confirmed phone number, a one-time passcode is provided for password reset:
Phone password reset options via text message or voice call
Customers can also choose to have their passcode in a voice call.
If you disable self-service password reset at login, your service desk can still provide password support for your customers via the Admin Console.

Lifetime of password reset by email

Specify how much time customers have for using the Magic Link.
The lifetime of the link is set to 60 minutes by default. The link should be considered and treated as a secret.

Lifetime of Password Reset Passcode by Phone

Specify how much time customers have for using a passcode.
The lifetime of the passcode is set to 6 minutes by default.

Allow customers to change their password

Allow your customers to reset their password in their self-service account (MyAccount page).
Self-service password management dialogue
If you disable this option, your
  1. 1.
    customers can still use the password reset email option (if enabled) at login
  2. 2.
    service desk can still provide password support via the Admin Console