Versions Compared

Old Version 5

changes.mady.by.user CPF (Unlicensed)

Saved on

compared with

New Version 6

changes.mady.by.user CPF (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Excerpt

In order to increase the security, a new reset password procedure allows the end user to change the password without sending a password unencrypted by email. The end user receives a link in order to change his password.

Solution

On-line procedure

1. As in the current solution, the user enters the Ticket Shop, displays the Sign In page, and clicks on FORGOTTEN YOUR PASSWORD? Then, he enters his email address and clicks on button RESET PASSWORD. Request is completed with success message Your request has been registered. You will receive an e-mail including a link that will allow you to reset the password. If you don't receive the email, it means your account has not been created. Please repeat your request.

...

Info
titleCharacteristics of the reset password link

Following measures have been taken to ensure a very high level of security:

  • The link is valid during 48 hours. Once the link is expired, the internet user will have to click again on FORGOTTEN YOUR PASSWORD? in order to get a new link.
  • A link can only be used once
  • The link is protected against forgery by means of a digital signature. In other words, a dishonest internet user has no chance to reset the password of another contact by modifying the link.

Box office procedure

The box office provides you the choice between the old and the new procedure

Image Added

  • The CHANGE PASSWORD button matches the old procedure. The operator can enter a new password for the contact directly
  • The RESET PASSWORD button matches the new procedure. A reset password link is sent to the contact as described above

Getting started

  • If relevant, customise the email to be sent to the end customer by modifying the template of document class "Follow shipment"

...