Forgot Password - Do you read their mind?
Last updated by Brady Stroud [SSW] 8 months ago.See history This rule has been archived
Archived Reason: Re-entering the email after an incorrect login attempt and when proceeding to the "Forgot Password" screen is a good security practice in the password reset process. It helps ensure the customer's information remains secure.
Unfortunately here is the normal routine to get an email with your password.
- You go to a Login form, enter your email and password, and click the 'Login' button.
- You get a validation message like 'Incorrect Password'.
- Then you have to click a 'Forgot Password' link to go to another 'Get Password' form, and then they almost always ask you to enter your email again and then click 'Get Password' button.
Question: Why do 99% of the websites out there, ask you to - Enter you email again (they have already got it) - Then click 'Get Password' (you have already clicked the link 'Forgot Password')
Answer: Because they are not trying to read your mind.
The goal should be: Be more efficient and user-friendly and save them a step. Please DO NOT bother users to do any more redundant work.
Instead enter their email when they click 'Forgot Password' link.