Email is a critical key of the portal, especially for this login purpose, it should always be valid so that we can send email to the user for resetting password or creating one when there is none yet.
User should first fill in a valid email on the email address section. We then check if the email exists on the corresponding portal. If the email is valid, another input for password should appear, otherwise we users will be notified with this error:
"Email Not found We didn't found your email address, please make sure that it's correctly spelled"
If the user hasn't set up a password yet, we directly send an email to the email address they have set up to allow them to create a new password.
Any errors on this process will appear on screen.
This allows user to reset a password, the main input for this is only the email address they have used in setting up their account, otherwise we notify the user that the email doesn't exist on the current portal.
The token for password reset expires automatically in 15 minutes.
New Password Form
This is the form for setting or resetting a password for any user which are member on a given portal, if the user is not yet member he will get an error message saying that the email is not found.
While submitting the form, we will set an hashed value of password in our database and on the portal item by the [*Hash Password*] field.
Note: We never store clear password in our system either in database or in Podio
Errors & Troubleshoots
Email not found: The email is not yet mapped in the portal which the user is trying to connect with
Password incorrect: The password filled by user doesn't match with the hash value in our database
Sorry, we could not send the reset email to your email: This occurs when we failed sending an email to the user caused by entering an invalid email address or a system issues which is entirely on our side. If this occurs please contact email@example.com
Invalid token: The token used on the reset link is not valid, this token ensure authenticity of the link
Token expired: 15 minute validity of the reset link has expired and not valid anymore, user should request for a new link