<div dir="ltr"><div>When a user requests a new password, I've noticed to problems:</div><div><br></div><div>1) The user HAS to be able to remember both username + email (which is not likely in all cases, ie. it should be enough to remember one of them or it should be possible to retrieve the username using email also).</div>
<div><br></div><div>2) The URL to reset password is broken in gmail.</div><div><br></div><div>The first about username + email I think is self-explanatory, but the URL to reset needs a little further explanation.</div><div>
<br></div><div>Basically the URL consists of the domain, "shorturl.php" and an ID.</div><div><br></div><div>In the ID there is often (always?) a period (".") in, which breaks the string in gmail. </div>
<div><br></div><div>Ie. when I click the URL i get a very ugly "Link you have used is invalid or has expired. ." notification back.</div><div><br></div><div>If i instead copy the whole string (incl the part on the right of the period (".")) then it works.</div>
<div><br></div><div>So, my suggestion would be to simply avoid having period (".") in the ID all together?</div><div><br></div><div><br></div><div>An example mail would be: </div><div><br></div><div>Hi christian, <br>
</div><div>This email was sent to you as you submitted the request to change password for Simply CRM.</div><div>Please follow this link to reset your password. </div><div><br></div><div><a href="http://vtiger.campgain.com.com/shorturl.php?id=53b25ba49a6658.87162670">http://vtiger.campgain.com.com/shorturl.php?id=53b25ba49a6658.87162670</a></div>
<div><br></div><div>Thanks,</div><div>VTiger CRM</div></div>