24/7 Support: 800.608.6482

Developer Docs

Try our new AI assistant by clicking the chat icon in the lower right corner.

How To Guides

Customer Password Reset

Overview

9.13 introduces a new and improved handling for how a customer resets their password in Miva. Its goal is to reduce the number of steps and friction for the customer so that when they reset their password, they are able to continue forward quickly.

Password Reset Style

As of 9.13 there is now a new setting for the forgot password flow. Under Customers -> Customer Settings Tab

This lets you choose one of two options:

  1. Generate Temporary Password
  2. Require Password Change

Generate Temporary Password

This is the “old” way a customer can reset their password. After the customer clicks on the forgot password link, they are presented with a temporary password which they will use to login to Miva with. Once logged in, it is up to them whether they actually reset their password to something they will remember.

The user experience problem with this flow is most customer don’t then go in and change their password back to something they will remember. They leave it as the temporary password which likely means they will need to use the forgot password again next time they login in.

Also, when using this method the link they get sent via email can only be clicked once before it gets invalidated.

Require Password Change

This is the “new” forgot password flow and has two advantages of the "generate temporary password"

  1. The link in the email has a 24 hour expiration, and can be clicked multiple times
  2. The customer does not need to login with a temporary password. Instead they click the link and are immediately presented with fields to choose a new password.

Note: The customer is not actually logged in at this point. If they click off this page, they would need to re-click the link in the email to get back here.

Then once the customer changes their password, they are taken back to the customer loign screen to login using the new password:

Password Reset Link Expiration

This setting only applies if you are using the "Require Password Change" setting.

There is now a new setting under: Customers -> Customer Settings -> Password Reset Link Expiration

This is set to 1440 minutes (24 hours) by default. This will allow the customer to click this link (multiple times if needed) within an 24 hour period before it expires.

New Page Template

9.13 introduces a new page template which is used for the "Require Password Change" option. The page template is called CSTR - Customer Password Reset. Prior to changing over to the new Require Password Change option, this new page will need to be styled to match your existing site look and feel.

Copyright © 1997 – 2024 Miva®, Miva Merchant®, MivaPay®, MivaCon®, Camp Miva®, Miva Connect®, Miva, Inc. All Rights Reserved.