Old Password (After Pw. Reset) Should NOT Matter to Sync Data!

Follow
Avatar
Maged

If one forget their password for the ES iForm App, one should not be required to remember it, otherwise lose all un-synced data. From a security stand point this is ideal, however adding the human factor of forgetting information/passwords this does not work and accounts for lost time.

I would suggest adding another layer of security such as send a code to your device or ask questions from a previously saved questioners to be able to confirm the identity of the user.

Please consider re-evaluating asking for "Old Password" after resetting it.

Thanks,

 

0

Comments

1 comment

Sort by Date Votes
  • Avatar
    Tony Ruth

    Hi Maged, thanks for your feedback and you raise good points. The implementation of iForm ES does not consider these convenience factors, and it could be useful to see what options exists for finding a nice balance between security and usability.

    At present, iForm ES focuses on security over usability and has been approved for use in some highly sensitive use cases due to these capabilities.

    Perhaps your points could lead us into another version of the application which finds a balance between iForm, and iForm ES.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post
Powered by Zendesk