Need help during the 2024 holiday season? Click here to view our special Holiday Support schedule.

Email Password Recovery System

The OpenSRS webmail platform features a password recovery system. Users who have enabled this feature can recover their password via SMS, alternate email, or through challenge phrases. 

Enabling Password Recovery

By default, password recovery is disabled for all mailboxes. Password Recovery options can be extended to end users by updating the brand settings associated with a domain or company. 
 
To enable password recovery:
  1. Login to the Mail Administration Console for your reseller account
  2. Click on Brands on the left hand side of the screen
  3. Select the brand
  4. Under Services and Settings select the Password Recovery options you wish to extend to your users. SMS, Email and Challenge-Response options can be enabled individually or in combination.
  5. Click Update to save the changes

Password_Recovery_Branding_Option.png

 

Managing Password Recovery

Once Password Recovery is enabled, users will see an additional webmail preferences section called Password Recovery, in which they can configure the service with a phone number and/or alternate email address and/or security questions and answers.
 
Screen_Shot_2018-05-01_at_1.40.44_PM.png

SMS

When enabling this option, the user will be required to enter their internationally standardized phone number and their current password.  To complete the setup process an SMS text message with a code will be sent to the phone number submitted.  Only after the code is successfully entered is the SMS recovery option fully configured.
 
Phone Format: +CCCNNNNNNNNNN, where C = country code, N = phone number
 
Web_Mail_Preferences_Example.png
 
Once this option is enabled, should the user fail to authenticate when logging into Web Mail, a password reset link will appear on the login page.  On clicking the link a SMS button will appear which when clicked will send an SMS text to the user’s configured phone number. The login section will immediately load the option to enter the code and confirm a new password to set on the account.
 
Recovery_Options.png

Email

When enabling this option, the user will be required to enter another email address and their current password.  To complete the setup process an email will be sent to the entered email address that includes a code.  The code can then be entered on the preferences page to complete the setup.
 
Once this option is enabled, should the user fail to authenticate when logging into Web Mail, a password reset link will appear on the login page. On clicking the link an Email button will appear which when clicked will send an email to the alternate email address configured, and the login section will immediately load the option to enter the code and confirm a new password to set on the account.
 

Challenge Response

When enabling this option, one or more questions and answers can be configured by the user, and the current password must be entered.
 
Once this option is enabled, should the user fail to authenticate when logging into Web Mail, a password reset link will appear on the login page.  On clicking the link a Challenge button will appear which when clicked will load a question and answer option and fields for confirming a new password.
 
We do not recommend implementing this option as social engineering techniques can allow for someone to hack into the account in certain cases, but have nonetheless made the option available to our resellers given the number of requests we've received for it.
 
Challenge_Response_Login_Page_Example.png
 

Was this article helpful? If not please submit a request here

How helpful was this article?

Thanks for your feedback!

Do you still need help? If so please submit a request here.