In order to reset the password, one currently follows this workflow:
Access the island
Click on Reset it! and write the e-mail bound to the account
Receives N e-mails, depending on how many user accounts are linked to the used e-mail. E.g.:
1st (user from central LDAP):
Reset password at OFELIA CF Clearinghouse:
https://register.fp7-ofelia.eu/password_reset/forgotten
2nd (user from local LDAP; only in our island):
Reset password at OFELIA CF Clearinghouse:
https://<island_url>/accounts/password/reset/confirm/<token>/
Access the URLs, fill the new password and "a challenge" and press the button
Receive an e-mail such as:
The password for your account <account> has been reset.
You new password is: <generated_password> and the challenge you specified in the web form.
To login please assemble your password by concatenating the password above and the random chars.
Example:
Random chars: 123
Password of mail: XYZ
=> Password to login: XYZ123
You can change your password after logging in.
Best regards
Your OFELIA Team
The challenge at step 4 is not clear, and one might think it was some data entered at the registration time --> either explain it or remove it.
Also, the e-mail from step 5 is not clear - talking about "random chars" when it was previously called "challenge".
I personally think this adds unnecessary complexity, and the challenge could be removed; thus only the generated password being sent and encouraging the user to change it after log-in.
Though the reset works, it confuses users.
In order to reset the password, one currently follows this workflow:
Reset it!
and write the e-mail bound to the accountReceives N e-mails, depending on how many user accounts are linked to the used e-mail. E.g.:
1st (user from central LDAP):
2nd (user from local LDAP; only in our island):
Receive an e-mail such as:
The challenge at step
4
is not clear, and one might think it was some data entered at the registration time --> either explain it or remove it. Also, the e-mail from step5
is not clear - talking about "random chars" when it was previously called "challenge".