TechSmith Password Reset Messages Trick Customers into Timeout Difficulty

  • 1
  • Problem
  • Updated 2 years ago
Password Rest E-Mail Messages from TechSmith have a Big Blue Button to click for PW Reset Action.  That is nice,  BUT, they also have words leading to a "Learn More" link.

If one clicks on the "Learn More" Link he learns about the nice system from TechSmith for tracking the items in one's account, like License Keys, Purchase Records, etc.

When he finally gets back to clicking the Reset Password Button, after learning that there was nothing that he need to Learn More about Before he clicked the Reset Password Button, he learns that he has waited TOO LONG to Click the Button, and his PW Reset Link has expired.

He then requests another PW Reset Message.

His E-Mail provider, now AOL in my case since Verizon is migrating E-Mail Service to AOL, sees another message from the same source with the same Subject Name and figures that it is SPAM.  It then seems to slow down delivery, if it delivers it at all.

By the time one gets the subsequent PW Reset Message the PW Reset Link has Expired.

This went on for about 5 cycles in my case.  PW Reset was about a 45 minute job, and could perhaps have been much longer.

TechSmith should do one or both of the following, ideally BOTH:

1) Remove the unnecessary wording and the "learn more" link from PW Reset E-Mail Messages;

2) Increase the length of time that a PW Reset Message is valid.
Photo of TAP

TAP

  • 26 Posts
  • 1 Reply Like
  • Almost Angry

Posted 2 years ago

  • 1
Photo of Glenn Hoeppner

Glenn Hoeppner, Employee

  • 1754 Posts
  • 286 Reply Likes
Hi TAP,

Thanks for this feedback. I think you're right and we probably could adjust the wording in the email.

You are correct in that the password reset links expire. There are two conditions which cause them to expire: (1.) the link is more than 24 hours old (2.)  another password reset request for the user been generated.

I think that your delayed delivery combined with spam contributed to your problem.

If I tried to reset my password on a site, I would expect to receive the email within seconds. If it was longer than ten minutes, I'd probably click the reset password link again. If that's what you did, when the first (delayed) email arrived in your inbox, the link was already dead when you received it because a new reset request was generated. Sound about right?

I'm not sure what we could change about that part, because we expire those links for security reasons. Would additional messaging in the email about expiring links have helped you?

Thanks again, and sorry for the trouble,
Glenn