Resetting Password Design for Mobile App
Investigating Primary Friction Points of Password Reset Flow
- Difficulty Remembering Username or Email: Users may struggle to recall the username or email associated with their account, leading to delays or frustration in the password reset process.
- Complexity of Password Requirements: Some mobile apps have stringent password requirements (e.g., minimum length, special characters), which can make it challenging for users to create or reset passwords that meet these criteria. Often these requirements aren’t shown while the user types the password, and an error dialog box pops up only afterwards.
- Confusion with Password Reset Process: The password reset process may be unclear or confusing for users, especially if they are unfamiliar with the steps involved or if the app lacks clear instructions or guidance. Users often have difficulty discovering the password reset CTA/link.
- Delays in Receiving Reset Instructions: Users may experience delays in receiving password reset instructions via email or SMS, particularly if there are issues with email delivery or network connectivity.
- Security Concerns: Users may have concerns about the security of the password reset process, especially if they are required to provide sensitive information or if the app lacks robust security measures (e.g., two-factor authentication).
- Time-Bound Reset Links: Users may feel pressured to reset their password within the allotted time frame, leading to stress and anxiety, especially if they encounter delays or distractions during the process. They may encounter expired reset links and need to request another one, resulting in additional steps.
- Verification Challenges: Struggles with Captcha and security questions are real. Captcha may pose accessibility challenges for users, while security questions may rely on information that is publicly available or easily guessable, making them less effective and potentially compromising security.
- Unclear Success Indicators: Without clear success indicators, users may be left uncertain whether their password reset attempt was successful. This ambiguity can lead to frustration and confusion. Users may attempt to reset their password multiple times, hoping to receive confirmation, which strains app resources, increases server load, and undermines confidence in the app's functionality and reliability.
Overcoming the Friction points through the design presented
- Placing the reset link close to the password input field: Heuristic principles advocate users’ right to make mistakes, and a password reset link works like an “emergency exit” that lets users recover from an undesirable situation. Placing the reset link right below the password input makes it a clear and intuitive label that is easy to discover and tells users what happens when it is clicked.
Heuristic Principle 3: USER CONTROL AND FREEDOM
- Checklist shown while creating password: Instructions and guidelines about password requirements shown on the screen help users create strong passwords on the first try, eliminating the errors and frustration that come from repeating steps. These instructions work as documentation that helps users understand how to create strong passwords.
Heuristic Principle 10: HELP AND DOCUMENTATION
- Inline Validation for Password Input Fields: As users type in input fields, inline validation provides real-time feedback and/or flags potential errors or discrepancies. This helps prevent mistakes, such as mistyped passwords or incomplete fields, before they occur.
Heuristic Principle 5: ERROR PREVENTION
- Feedback to CTA: Interactions provide visual or auditory feedback to users, indicating that their action has been acknowledged and the requested content is loading. Interactions can create the perception of faster loading times, even if the actual loading process takes a few moments. Feedback can be as simple as a dialog box popping up and saying “Request has been sent”, a GIF, or even an animation.
Heuristic Principle 1: VISIBILITY OF SYSTEM STATUS
- Display of Confirmation Page: Without clear success indicators, users may experience uncertainty and anxiety about whether their password reset attempt was successful. When users receive immediate confirmation of a successful password reset, they are less likely to attempt the process multiple times out of uncertainty, which prevents unnecessary duplicate requests and saves time for both users and support teams. Moreover, resetting a password can be a very frustrating process, so acknowledging their success creates a positive user experience.
- Use of reset links/codes over Captcha and security questions: As there can be multiple verification challenges when dealing with Captcha and security questions, resetting the password via a link or code sent by email/phone seems to be a better solution.
- Clear titles and description: Adding clear titles and a small description (if possible) provides users with guidance and context, helping them understand the purpose of each screen and the actions they need to take to complete the password reset process. On the first Reset password screen, I have added “Don’t worry, happens to the best of us.” This line adds a nice human touch and shows empathy, without creating extra clutter on the screen. While the description isn’t necessary for creating a good user experience, the page would feel less personal without it.
- Flexibility of using phone number or email for resetting password: This allows users to reset their password as per their convenience. Users may not have access to both at the time of resetting the password, so it’s better to give them the flexibility to choose how they want to reset it.
Heuristic Principle 7: FLEXIBILITY AND EFFICIENCY OF USE
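A sketch of the password checklist and inline validation described above, as an added example that is not part of the original design deliverable. The rule set, the 12-character threshold and the element ids are assumptions chosen for illustration, not the app's actual policy or markup.

```javascript
// Added example: rule set and thresholds are assumptions, not the app's real policy.
const RULES = [
  { id: "length", label: "At least 12 characters",
    test: (pw) => [...pw].length >= 12 },        // count code points, not UTF-16 units
  { id: "special", label: "At least one special character",
    test: (pw) => /[^\p{L}\p{N}\s]/u.test(pw) },
  { id: "digit", label: "At least one number",
    test: (pw) => /\p{Nd}/u.test(pw) },
];

// Returns one entry per checklist row. state is "pending" (nothing typed yet,
// show the row neutral), "met" (turn it green) or "unmet" (keep it highlighted).
function evaluatePassword(password, confirm = "") {
  const typed = password.length > 0;
  const rows = RULES.map(({ id, label, test }) => ({
    id, label,
    state: !typed ? "pending" : test(password) ? "met" : "unmet",
  }));
  // Judge the confirmation field only once the user has started filling it in,
  // so no error is shown before a mistake is possible.
  rows.push({
    id: "match", label: "Passwords match",
    state: confirm.length === 0 ? "pending"
         : confirm === password ? "met" : "unmet",
  });
  return { rows, canSubmit: rows.every((r) => r.state === "met") };
}

// Browser wiring (element ids are hypothetical). Skipped outside a browser.
if (typeof document !== "undefined") {
  const pw = document.getElementById("new-password");
  const cf = document.getElementById("confirm-password");
  const render = () => {
    const { rows, canSubmit } = evaluatePassword(pw.value, cf.value);
    for (const r of rows) {
      const li = document.getElementById(`rule-${r.id}`);
      if (li) li.dataset.state = r.state;  // style with CSS, e.g. [data-state="met"]
    }
    document.getElementById("reset-submit").disabled = !canSubmit;
  };
  pw.addEventListener("input", render);
  cf.addEventListener("input", render);
}
```

The same rules must still be enforced on the server when the new password is submitted; the client-side checklist only prevents avoidable round trips.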
----------------------------------------------------------------------------------------------------------------------
That's all folks. Thanks for sticking till the end.
Please feel free to review my work and share feedback for the same.
Reviews
2 reviews
You've really nailed it with the password reset flow! I love the attention to detail, especially those little microinteractions that add some extra flair. The copy is spot-on too, guiding users seamlessly through the process.
However, I did notice that the text size seems a bit small across all screens. Those tiny helper texts can be hard to spot, like the one about associating the username with the email. Maybe take another look at the font hierarchy to make sure everything's easy to read.
Overall though, fantastic job! Your presentation and design choices really shine through.
Here are some ideas to make it even better:
- Be consistent about the text link styles.
- Make sure the padding around the text and the input fields is the same everywhere on pages.
- Show the password rules and errors in the same spot. As someone types a good password, you can make the rules turn green, or vice versa. This way, there's less to read and it's easier to understand.
- If possible, after someone changes their password, take them straight to the main page. They've already put in their email and password, so it saves time.
- If possible, differentiate the active state color and the primary color.