Each user who wants to change their password, either because they prefer a custom password over the auto-generated one, or because they've forgotten their current password, must use the Axis “Forgot Password” functionality. Axis does not allow manual password changes through its interface anymore.
Forgot My Password Functionality
- Initiating a Password Reset:
- Users click on the Forgot password? "Click here!" link located on the Axis login page.
- They are prompted to enter their registered email address associated with their Axis account.
- Reset Password email
- Upon submission, Cognito sends an automated email to the user's registered email address containing RESET PASSWORD button (link in the email will expire within 24 hours)
- Note: If multiple password resets are requested, only the most recent email remains valid. Previous password reset emails become invalidated.
- Resetting the Password
- The user clicks "RESET PASSWORD", which opens the password reset page in Axis.
- The user sets a new password following Cognito’s security requirements:
- At least 12 characters.
- Contains at least one uppercase letter, one lowercase letter, and one number.
- Both "New Password" and "Enter New Password Again" fields must match exactly.
- If the new password does not meet the required criteria, Axis displays an error message indicating which requirements have not been met.
- Post-Reset Behavior
- After successfully resetting the password:
- Users are directly logged into Axis using the newly created password.
- A confirmation email with a LOGIN button is sent from no-reply-axis@chyron.com confirming that the password was successfully updated and that the user can now log in.
- The previously used password became invalid and unusable.
- After successfully resetting the password:
- Security Considerations
- Only the latest email with a password reset link is valid if multiple password reset requests are made.
- When a user attempts to use an expired password reset email, the reset attempt is rejected and the error message is displayed.
- Users or admins cannot manually change or view passwords within Axis. Password management is exclusively handled via AWS Cognito.
This process ensures secure and user-friendly password recovery in line with Cognito's authentication standards.