Ensuring public safety for the 21st century

Resolved - Password Reset Emails Not Expiring For 4 Hours

Normally, the password reset email is supposed to expire after 20 minutes. But the vendor has informed us there is a bug in the time stamp section of the code causing the reset emails to not expire for 4 hours.

This means that if for some reason a user doesn't receive the first password reset email (blocked by a spam filter, etc.) then they will not be able to successfully request another reset email for 4 hours. All requests for a password reset email up until the 4 hours have passed will be ignored by the application.

Appriss is aware this is a serious issue and they have it documented and ready to address in the next ICOTS release.

Just to be clear, this is only a problem if the user does not receive their first password reset email. Which is almost always caused when the email is either blocked or filtered by some sort of junk mail filter at the department level or in the user's inbox.

In all reported instances, as long as all emails from "icots@globalnotifications.com" have been white-listed by the user's email server, the password reset email is delivered successfully the next time a password reset is requested after the 4 hour time limit.

This issue does not affect users who have no issues receiving their password reset email.

Was this article helpful?
1 out of 1 found this helpful

Comments

1 comment

  • Avatar
    Xavier Donnelly

    * UPDATE 12/7/2011 *

    This issue was resolved with release 16.0. Password reset emails should now expire after 20 minutes. Meaning a user that did not receive their first password reset email because it was blocked by a spam filter can request another password reset email after 20 minutes instead of waiting 4 hours.

Please sign in to leave a comment.