Reset Password Design for Mobile App: Roundout

Investigating Primary Friction Points

1. Forgetting Username/Email: Users often forget which email or username they used for an account.
2. Complexity in Navigation: Difficulty in locating the "Forgot Password" link.
3. Verification Challenges: Struggling with CAPTCHA or security questions.
4. Multi-Step Processes: Frustration with lengthy or confusing steps.
5. Delayed Email Links: Waiting for the reset email link to arrive.
6. Time-Limited Links: Stress about links expiring too quickly.
7. Re-Using Old Passwords: Confusion when not allowed to use previously used passwords.
8. Unclear Success Indicators: Lack of clear confirmation that the password has been successfully reset.

Step by step rationale of the offered design:

• Clear Entry Point for Password Reset: The initial login screen offers a clearly marked "Forgot Password?" option. Rationale: Users who have trouble remembering their password are likely to start at the login screen, so placing the reset option here minimizes confusion and ensures a smooth start to the recovery process.

• Email Confirmation Step: The user is prompted to enter their email to receive a verification code. This step confirms the user's identity and prevents unauthorized password reset attempts. Rationale: Using email as a verification tool is standard practice that balances security with user convenience, leveraging something the user has access to without requiring additional authentication hardware.

• Immediate Feedback on Action: Once the email is submitted, the user is informed that a link is on its way, and there's a prompt to open the email app directly. Rationale: Immediate feedback assures the user that the process is working as expected. Offering a shortcut to the email app simplifies the user's journey, reducing the cognitive load and making the process feel seamless.

• Code Entry Screen: Instead of clicking a link, users are asked to enter a code received in their email. Rationale: Entering a code, as opposed to automatically resetting via link, adds a layer of security by ensuring the person attempting the reset has both access to the email account and is actively engaged in the app. It also keeps the user within the app environment, providing a more controlled and secure experience.

• Instructions when creating a new password: When setting a new password, the user is given clear guidelines on the requirements (character length, character variety). Rationale: Providing these instructions helps users create a strong password on the first try, reducing the likelihood of errors and the frustration that can come from having to repeat steps.

• Confirmation of Password Reset: The final screen indicates a successful password change with a “Changed!” message and a CTA to continue to the app. Rationale: Clear confirmation of success closes the loop on the reset process, providing a sense of completion and reassurance. The CTA to proceed directly back to the app encourages immediate re-engagement with the product.