Reset Password Page
New password form reached from a reset link with a requirements checklist, a session sign out panel, and the note that nothing changes until save.
New password form reached from a reset link with a requirements checklist, a session sign out panel, and the note that nothing changes until save.
The source for every Application block is included with Basic and Pro. Pick a plan to copy the code.
Already purchased? Log in
Reset Password Page is the new password form reached from a reset link. The card names the account being reset (maya@acme.com) and warns the link expires in 12 minutes. The password field carries a live requirements checklist, two of three rules already met with a filled check and the third still open, so the user sees exactly what is missing. A confirm field with a typo warning sits below, then a muted panel spells out what saving does: the 3 other active sessions get signed out immediately while API keys and integrations keep working unchanged.
Requirements are one typed const array of met and label pairs rendered once. The footer closes the honest loop by stating nothing changes until save, and the old password stays active until then, so a user who landed here by mistake can simply close the tab.
Reach for this block as the destination of a reset link, wired to your password update endpoint. Validate the token before render and mark expired links so the 12 minute window in the copy is real rather than decorative.
A natural flow around it on an Application Pro page:
Before
After
One strong use is the post-reset password form. Other shapes:
Tip: state what saving does to other sessions before the user submits; a user who knows their phone will sign out is far less likely to open a support ticket about it.