I was wondering what the "standard" usage rate of the "forgot my password" flow is on other ecommerce/industry websites? Right now not t开发者_开发问答hat many people go through the "forgot my password" link on my website, but that's mainly because most people don't have passwords. I'm in the process of installing a new login (which will encourage people to create passwords), so I anticipate that the number of people who go through the "forgot my password" link will go up, but I don't have any real baseline to compare it against.
So does anybody know what the typical percentage of users executing the "forgotten password" flow is?
A typical user will probably be prompted to log in once every four weeks. Our password requirements are currently minimal.
This should probably be on the pro webmaster version of stack overflow.
However, I think it depends primarially on website content and user base. If your site is the sort where you login once every few months, then you will probably have a higher proportion of people using the forgotten link.
If it's one people login to every day, like facebook, the % will probably be a lot lower.
It's also going to depend on your password policies. If you require non alpha-numeric digits then your going to have a lot more requests.
It shouldn't really matter what % of people use it, as long as the logic behind it is secure and doesn't allow for exploitation.
I don't think these numbers are available as they are dependent on many different factors:
- How often do the users access the service?
- Are logins stored in a cookie, if so, for how long?
- Are there any restrictions on the password such as minimum length?
- What are the drawbacks of creating a new account (any loss of information or just the name?)
- Is it a service that typically needs to be accessed from multiple machines
... are a few parameters that come to mind.
On the many platforms I've managed, it has mostly been a common flow. But it depends a lot on the platform, on the formality and function of it. While it will be normal on a simple blog-like social media, you won't see it that often on websites where there is money involved, or at least this is what I have seen on my experience.
Our password requirements are currently minimal.
I'm pretty sure this has a lot to do with your low percentage, but if you don't carry any sensitive information, you shouldn't change it.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论