Currently when a user logs in with an expired password they are given an error message that the password has expired but no immediate path to reset it. The user can click "forgot my password" that requires an identity verification before being granted a temporary password and being told to log in and reset their password through the web application.
To make this workflow easier, perhaps a "reset password" link could appear when a user attempts to login with an expired password? The link could send a verification email to the account the user attempted to login with (the same link for the "forgot password" flow).
Notes
Acceptance Criteria
Currently when a user logs in with an expired password they are given an error message that the password has expired but no immediate path to reset it. The user can click "forgot my password" that requires an identity verification before being granted a temporary password and being told to log in and reset their password through the web application.
To make this workflow easier, perhaps a "reset password" link could appear when a user attempts to login with an expired password? The link could send a verification email to the account the user attempted to login with (the same link for the "forgot password" flow).
Notes
Acceptance Criteria