Picto thématique

Rule n° 196 - Password operations can be carried out in their entirety online.

"You can't find your password, no problem! Enter your name, first name, date of birth, your grandfather's maiden name, you will receive your new password in a few days by post. Until then, we hope you won't need our service too much." If this more or less imaginary message echoes your own experiences - banking, for example - you don't even need to be told why you should be able to change or reset your password online.

#Security #Development

Goal

  • Provide an immediate solution to the user's problem.
  • Limit the difficulties in the use of other modes of communication.

Implementation

Allow the user to perform all password related actions (reset lost password, modification, etc.) completely online. For example: a password reminder or a new password should not be sent by post.

Control

Check that it is possible to perform all password related actions (reset lost password, modification, etc.) online.

By Opquast - Read the license