• Airlock Secure Access Hub
  • About this document
  • About Airlock IAM
  • IAM 8.3 release notes
  • Security best practices
  • Installation and upgrade
  • Operation
  • Initial configuration
  • Configuration management
  • Authentication
    • Interaction models
    • Authentication methods
      • Username and password
        • Password repositories
        • Password policies
        • Password change self-service
        • Password reset self-service
          • Reset flow example
          • Reset using email and mTAN
          • Reset using email links
          • Reset using secret questions
        • Password end-to-end encryption
        • HSM support
        • AWS KMS support
      • Airlock 2FA
      • FIDO
      • mTAN/SMS
      • OATH OTP
      • Cronto (OneSpan)
      • Digipass OTP
      • Email OTP
      • Matrix card
      • Token auth via RADIUS
      • Client cert. authn (X.509)
      • Front-side Kerberos authn.
      • SSO tickets
    • Remember-Me
    • Step-Up authentication
    • Risk-based authentication
    • Failed logins and temp locking
    • Username transformation
    • Maintenance messages
    • User representation
    • Events and notifications
    • Login from new device
    • Actions on log out
  • Self-services
  • Target applications
  • OAuth and OIDC
  • SAML
  • API access control
  • Flows (Airlock IAM concept)
  • Loginapp Configuration
  • Adminapp Configuration
  • Service Container Configuration
  • Transaction Approval Configuration
  • IAM REST APIs
  • Customizing UIs and texts
  • Third-party licenses
  1. Authentication
  2. Authentication methods
  3. Username and password
  4. Password reset self-service
  5. Reset using email links

Password reset example: Using email links

The following example screen flow shows a variant of the password reset flow with the following properties:

  • An email with a link (rather than an OTP code) is sent to the user.
  • This example does not include a 2nd-factor approval step.
  • Note that the email link could also have been sent by the helpdesk or administrator.
  1. Start self-service on the login page:
  2. Enter username:
  3. An email with a link is sent to the user and the following confirmation page is shown:
  4. After clicking on the link in the email, the password reset flow continues by asking the user to set the new password. Note that the following steps may be on a different session than the ones above.
  5. A confirmation page is shown: