Customer Portal New Password Prompt
It would be nice that when a new customer receives their randomly generated password, that there would be a prompt to have them change it to something they want.
As it currently stands, the only options users have is to receive an email with a randomly generated password (or so I'm told this happens) or they can choose the option of 'Forgot password' and reset the password themselves. Currently, it doesn't seem like if the user were to input the random password that they would be prompted to change it. So its back to either the 'forgot password' option to reset the password or use the random password to log in and then change their passwords from within.
Chase Baird
shared this idea
Nice! The feature you requested is being reviewed by our product team. We’ll keep an eye on the number of votes, and let you know if a decision is reached to implement. Thank you for being a partner in our process!
-
Adam Lavery
commented
Agree, initial account setup is insecure and does not comply with GDPR requirements. Initial random emailed password should only be used once. On first login they must be prompted to change it. Being able to keep using a password that was sent via open email is a security risk, both to the customer and the platform. And customers must not be allowed to reset the password to the same!
A password strength indicator on the reset form would help customers choose a strong password. Assume weak passwords are already not permitted.