When user resetting his password there only success or denied options. To make it more friendly for user, need:
1) Notify user what field is not correct;
2) How many attempts left; (Need to be limited as hackers may use this page to try variants of credentials);
3) Block user if attempts are over limited;
When user resetting his password there only success or denied options. To make it more friendly for user, need: 1) Notify user what field is not correct; 2) How many attempts left; (Need to be limited as hackers may use this page to try variants of credentials); 3) Block user if attempts are over limited;