Resetting passwords might seem like a simple task, but it’s actually a crucial aspect that shouldn’t be overlooked. By following these best practices, password reset emails can become valuable opportunities!
We’ve all experienced the panic of misplacing our house keys and the relief of quickly finding them or getting a spare. Forgetting a password can induce a similar feeling, but luckily, users can request a “spare key” through an account password reset email—no need to stress or hire a locksmith!
However, restoring an account requires a delicate balance between security measures and user-friendliness. Just as you wouldn’t leave a spare key under the doormat for anyone to find, a password reset email should not make it easy for unauthorized individuals to take over an account.
At the same time, a password reset email is a chance for a positive customer interaction that you should make the most of. These 10 best practices will guide you in creating a password reset email that not only secures the account but also provides a great customer experience.
What is a password reset email?
A password reset email is a type of transactional email sent to customers when they click on a “Forgot password?” link. This email includes a link to the service’s password reset webpage, where the recipient can update their login information.
Below is an example of the login screen and password reset request for Airtable, a platform used for building collaborative apps.
When a user clicks “Forget password,” they input their email address, and Airtable sends the following email. Clicking the link in the email directs them to a password reset page, where they can enter a new password, completing the account recovery process.
Using email to reset a user’s password is optimal because it’s seamless—customers can quickly and easily enter a unique email address they remember. It’s also secure because only the owner of the email account should have access to the inbox.
Elements of a password reset email
Password resets occur constantly, with most customers accustomed to the routine of receiving and using password reset emails. This isn’t the moment to innovate or get overly creative!
The perfect password reset email should include these components:
– A recognizable “From” name and a clear subject line regarding password reset
– Incorporation of the business logo and consistent email design
– An explanation detailing why the password email was sent
– A visible link or button to facilitate password reset
– A specified expiration time for the password link
– Instructions on contacting support for additional assistance
5 best practices for password reset emails
1. Land in the inbox immediately
Customers request a password reset when they require immediate access. This implies that the quicker the email arrives, the better! The password reset email example below from Notion appears in the inbox almost instantly, allowing people to resume their tasks promptly.
2. Keep it super simple
People anticipate a swift resolution with minimal hassle. Therefore, ensure your password reset email is concise and straightforward. Take a look at this minimalist version from CamelCamelCamel (yes, that’s the company’s name), explaining the situation and outlining the next steps succinctly.
3. Clearly label your email
Ensure your password reset email includes clear and recognizable headers to alleviate any concerns about phishing. Opt for a meaningful subject line and replace the no-reply address with a genuine email that recipients can respond to!
Grain, an online delivery service, excels in these aspects. There’s no doubt this email originates from them. Their subject line is straightforward, their logo is prominently displayed in the inbox, and there’s a genuine email address for recipients to reply to!
4. Use one main CTA
Top-notch password reset emails feature a single clear Call to Action (CTA) button or link. Avoid additional CTAs that could confuse or divert customers from their objective. Consider including a copyable reset URL, as seen in Etsy’s approach, in case individuals are unable to click through to the browser.
5. Always send a follow-up email
To maintain security and prevent hackers from gaining insight, neither confirm nor deny the existence of an account on the password reset page.
Encountering a situation where an account doesn’t exist or customers used a different email can be frustrating. Don’t leave customers in the dark. Follow REI.com’s lead by seizing this opportunity to send them an explanatory email, aiming to turn them into satisfied customers!
Why password reset emails are important
Every online account requires a password to verify its owners. Despite the routine and transactional nature of password reset emails, they hold significant importance in the customer experience.
A successful password reset email, restoring account access, creates a positive moment that strengthens trust as a dependable partner. Conversely, a clunky reset process can lead to frustration. Customers who can’t access their accounts are unlikely to remain engaged for long!
Keeping the account secure
It’s essential to reassure your customers that you handle their personal data with care and grant access only to the rightful account owner. Any data breach can lead to unfavorable publicity for your business, which may be difficult to recover from.
For instance, ASOS, a well-known online clothing and accessories retailer, devotes their entire password reset email to promoting secure password practices and ensuring the safety of user accounts!
Password reset best practices checklist
Keep this checklist handy for creating top-notch password reset emails that ensure the best experience for your users!
1. Ensure excellent email deliverability: Aim to land in inboxes swiftly.
2. Keep it simple: Opt for minimal design to help users easily find their password reset link.
3. Use clear headers, subject lines, and sender email addresses: Provide reassurance that your email is authentic.
4. Focus on one main Call to Action (CTA): Make it easy for recipients to know where to click.
5. Address invalid email addresses: Inform recipients if their email isn’t linked to an account.
6. Infuse brand personality: Add a touch of personality to make recipients connect with your brand.
7. Limit marketing content: Keep the email concise and relevant.
8. Send both HTML and text emails: Ensure accessibility by sending both formats.
9. Provide support details: Let recipients know where to seek assistance if needed.
10. Regularly update and test: Ensure deliverability and functionality by testing and updating your emails regularly.