SiteGenesis Forgot Password

SiteGenesis resets passwords using an email. On the My Account Login page, the customer clicks Forgot Password? A new window opens, asking for the customer's email address.

When the customer enters an email address and then clicks Send, Salesforce B2C Commerce:

1. Validates that the input is a syntactically valid email address. If not, shows a message to the customer to enter another email.
2. Retrieves the Customer object with the given login. If the customer isn't found, shows an error: "No matching email address was found."
3. Calls the API to generate a reset-password code for the Customer. This will be valid for 30 minutes and will invalidate any previously generated code.
4. Constructs an email with a hyperlink back to the current site, containing the token in the querystring. The email is generated by a simple template that is stored in SiteGenesis.
5. Sends the email to the address stored in the customer profile.
6. Show a message to the customer: "Thanks for submitting your email address. We've sent you an email with the information needed to reset your password. The email might take a couple of minutes to reach your account. Check your junk mail to ensure you receive it." (See Security Considerations below.)

When the customer receives the email and follows the link, the SiteGenesis Account pipeline is triggered, which calls the ValidateResetPasswordToken pipelet to find the customer associated with the token on the querystring. There are two cases:

• If the customer isn't found, or if the token is expired, B2C Commerce redirects to a page where a customer can request another password-reset.
• If the customer is found and token is valid, B2C Commerce shows a window (modifiable template) prompting the customer to enter their new password twice.

When customer submits the form, the following occurs:

1. The pipeline validates the token again. (It might have expired in the meantime.) If the token is expired, B2C Commerce redirects to a page where a customer can request another password-reset.
2. The pipeline calls the API to set the customer password using the token. In this process, the token is compared with the token stored in the Customer record. If the token is invalid or expired, or the password isn't valid according to site rules, then B2C Commerce shows an error message.
3. If successful, the customer is logged in with the new password, B2C Commerce sends an email to the customer that the password has changed, and shows a confirmation page.

Security Considerations

Several customer-facing account management and authentication components request user email addresses and report to the customer whether or not these addresses are valid user names. An attacker could use one of these pages to enumerate valid user names, which in turn facilitates password brute-forcing or phishing attacks.

To address this concern in SiteGenesis, the Account-PasswordResetDialog shows the same message whether or not the email address exists in the customer records.

The following common message appears:

Thanks for submitting your email address. We’ve sent you an email with the information needed to reset your password. The email might take a couple of minutes to reach your account. Check your junk mail to ensure you receive it.

Update Password Page Where the Customer Must Enter Old and New Password

The SetCustomerPassword pipelet optionally validates the customer's existing password before setting a new password. You can use this to implement an Update Password page where the user must enter both the new and the existing password for security reasons. The SetCustomerPassword pipelet uses the parameter VerifyOldPassword.

• If this parameter is set to true, the pipelet verifies the value of the OldPassword input parameter.
• If this parameter is set to false (default), the OldPassword parameter is ignored.

The following SiteGenesis Core cartridge files provide this feature:

• pipelines
• templates
• resource bundles
• pipelets