Changing your password
Update your password from inside the app, or recover via email if you've forgotten it.
Overview
Two paths: change while signed in, or recover via email if forgotten. Either way, the platform enforces password complexity (12 chars, mixed case, number, symbol).
Prerequisites
- Either knowledge of current password (in-app change) or access to your email (recovery)
Steps
Path A — change while signed in. Avatar → My Profile → Security tab → Change password.
Enter current password. Required to prevent unauthorised change if your session is hijacked.
Enter new password and confirm. Strength meter updates live; aim for "Strong" or "Very strong".
Submit. All other sessions sign out automatically. You stay signed in here.
Path B — forgot password. On the sign-in page click Forgot password.
Enter your email. A reset link goes to that inbox. Link expires in 1 hour.
Open the email and click the link. A reset page opens.
Set new password and confirm. Strength rules same as in-app. Submit.
Sign in with the new password. All other sessions are invalidated; sign in fresh.
Expected outcome
- Old password invalid; new password works
- All other sessions terminated
- Audit log entry records the change with timestamp and method (in-app vs recovery)
Troubleshooting
| Symptom | Likely cause | Fix |
|---|---|---|
| Reset email never arrives | Spam or typo | Check spam; click Resend (limited to 3 per hour) |
| Reset link "Expired" | Older than 1 hour | Request a new one |
| New password rejected | Doesn't meet complexity | Re-pick: 12+ chars, mixed case, number, symbol |
| Same as previous password | Reuse blocked | Pick a fresh password (last 5 are remembered) |
| Locked out after wrong attempts | Too many wrong tries | Wait 15 minutes; or use forgot-password |