A user has forgotten their password and wishes to reset it.
Basic Path
The use case starts when a user fails to login and indicates that they wish to reset their password.
The system requests a username (must be an email address).
The user enters a username.
The system checks that the username exists within the database.
The system sends an email to the registered email address, the email contains a link to change the current password.
The user clicks on link in email address.
The user is redirected to a portal where the password can be changed.
The user enters a new password.
The system validates the new password against specific requirements.
The system updates the password hash in the database.
The system displays a successful message to indicate the password has been updated successfully.
The user is redirected to the login page where the new password can be used.
Alternative Paths
Step 4: If the username/email address does not exist within the database, the system displays an error message and the use case goes back to step 2.
Step 9: If the new password does not conform to the validation, the use case will go back to step 7.
Exception Paths
The user does not exist, in this event the user will be sent a message to indicate they must sign up for an account.
The user can cancel the operation at any time.
Preconditions
The user must have an account.
Postconditions
The users password is now reset, the new password must be used to login from this point onwards.
A user has forgotten their password and wishes to reset it.
Basic Path
The use case starts when a user fails to login and indicates that they wish to reset their password. The system requests a username (must be an email address). The user enters a username. The system checks that the username exists within the database. The system sends an email to the registered email address, the email contains a link to change the current password. The user clicks on link in email address. The user is redirected to a portal where the password can be changed. The user enters a new password. The system validates the new password against specific requirements. The system updates the password hash in the database. The system displays a successful message to indicate the password has been updated successfully. The user is redirected to the login page where the new password can be used. Alternative Paths
Step 4: If the username/email address does not exist within the database, the system displays an error message and the use case goes back to step 2. Step 9: If the new password does not conform to the validation, the use case will go back to step 7.
Exception Paths
The user does not exist, in this event the user will be sent a message to indicate they must sign up for an account.
The user can cancel the operation at any time.
Preconditions
The user must have an account.
Postconditions
The users password is now reset, the new password must be used to login from this point onwards.