Password Reset
Forgot your password? TextFlow provides a secure self-service password reset process using email verification codes.
Overview
Section titled “Overview”The password reset process:
- Request a reset code via email
- Enter the 6-digit code and your new password
- Log in with your new credentials
Time Limit: Reset codes expire after 15 minutes for security.
Step 1: Request Password Reset
Section titled “Step 1: Request Password Reset”Access the Login Page
Section titled “Access the Login Page”Navigate to your TextFlow URL and click “Forgot your password?” below the Sign in button.
Enter Your Email
Section titled “Enter Your Email”
- Enter your email address (the one you use to log in)
- Click Send Code
Check Your Email
Section titled “Check Your Email”You’ll receive an email from TELAIR TextFlow with the subject:
Password Reset Code - TextFlowThe email contains:
- A 6-digit code (e.g., 123456)
- Expiration time (15 minutes)
- Security warnings
Step 2: Reset Your Password
Section titled “Step 2: Reset Your Password”Enter Code and New Password
Section titled “Enter Code and New Password”
After requesting the code, you’ll see the reset form:
- Reset Code: Enter the 6-digit code from your email
- New Password: Enter your new password (minimum 8 characters)
- Click Reset Password
Password Requirements
Section titled “Password Requirements”Your new password must:
- ✅ Be at least 8 characters long
- ✅ Be different from your old password
- ✅ Not be a commonly used password
Recommendations:
- Mix uppercase and lowercase letters
- Include numbers
- Add special characters (!@#$%^&*)
- Avoid personal information (birthdays, names)
Success
Section titled “Success”After successfully resetting your password:
- You’ll be redirected to the login page
- Your email field will be pre-filled
- Enter your new password to log in
Security Features
Section titled “Security Features”TextFlow’s password reset system includes multiple security layers:
1. Email Enumeration Prevention
Section titled “1. Email Enumeration Prevention”The system always responds with:
“If the email exists, a password reset code has been sent.”
This prevents attackers from discovering which emails are registered.
2. Time-Limited Codes
Section titled “2. Time-Limited Codes”Reset codes expire after 15 minutes. This limits the window for potential attacks.
3. Single-Use Codes
Section titled “3. Single-Use Codes”Each code can only be used once. After successful password reset, the code is deleted.
4. Rate Limiting
Section titled “4. Rate Limiting”Password Reset Requests: Maximum 3 attempts per hour per email+IP address
Login Attempts: Maximum 5 attempts per 15 minutes per email+IP address
5. Secure Password Storage
Section titled “5. Secure Password Storage”Your password is securely encrypted before storage. TextFlow never stores passwords in plain text.
Troubleshooting
Section titled “Troubleshooting””Invalid or expired reset code”
Section titled “”Invalid or expired reset code””Causes:
- Code has expired (>15 minutes old)
- Code was already used
- Wrong code entered
- Email doesn’t match the one used to request the code
Solution:
- Request a new reset code
- Use the most recent code from your email
- Complete the reset within 15 minutes
”Too many password reset attempts”
Section titled “”Too many password reset attempts””Cause: Exceeded the rate limit (3 attempts per hour)
Solution:
- Wait 1 hour before trying again
- Contact your administrator if urgent
”Password must be at least 8 characters long”
Section titled “”Password must be at least 8 characters long””Cause: Your new password is too short
Solution:
- Enter a password with 8 or more characters
- Consider using a passphrase (e.g., “CoffeeTime2024!”)
Password reset succeeds but login fails
Section titled “Password reset succeeds but login fails”Causes:
- Using the old password instead of the new one
- Browser autofill using cached credentials
- Typo when setting the new password
Solution:
- Ensure you’re using the NEW password you just set
- Clear browser autofill cache
- Try the password reset process again, carefully noting your new password
Email not arriving
Section titled “Email not arriving”Causes:
- Spam filter blocking the email
- Incorrect email address
- Email server delays
Solution:
- Check spam/junk/promotions folders
- Verify you entered the correct email address
- Wait 5 minutes for email delivery
- Contact your administrator to verify your email address
If you’re already logged in and want to change your password:
- Click Settings → Security
-
Fill in the Change Password form:
- Current Password: Your existing password
- New Password: Your desired new password
- Confirm New Password: Re-enter your new password
-
Click Change Password
This method requires you to know your current password.
Security Best Practices
Section titled “Security Best Practices”- ✅ Use a strong, unique password for TextFlow
- ✅ Don’t reuse passwords from other services
- ✅ Use a password manager to generate and store complex passwords
- ✅ Change your password regularly (every 90 days recommended)
- ✅ Never share your password with anyone, including administrators
- ✅ Log out on shared computers to protect your session
Admin: Sending Welcome Emails
Section titled “Admin: Sending Welcome Emails”Administrators can send welcome emails to users with temporary passwords. See Sending Welcome Emails.
Q: How long is the reset code valid? A: 15 minutes from the time it’s sent.
Q: Can I use the same code twice? A: No, codes are single-use only.
Q: How many times can I request a reset code? A: 3 times per hour per email address.
Q: What if I don’t receive the email? A: Check spam, wait a few minutes, verify your email address, or contact your administrator.
Q: Is the reset process secure? A: Yes, it uses industry-standard security practices including email verification, time-limited codes, rate limiting, and secure password hashing.
Need additional help? Contact your administrator or submit a support request.