Handle Forgot and Reset Password

Link to chapter - http://serverless-stack.com/chapters/handle-forgot-and-reset-password.html

I just went through this chapter and in testing it with google chrome, everytime I reset my password chrome saves the confirmation code as a username in my saved passwords. Looking at the code, I have not yet determined how to prevent this. Has anyone else encountered this?

I’m guessing the password manager thinks that the confirmation code field is a password field? There should be a way to prevent this. If you find something please report back and we’ll add it to the guide.

1 Like

Is there a way to have the user click on a verify link from the email sent to them instead of having to enter a confirmation code and then change their password?
That would also be easier during the signup up process, the user just click a verify link and is logged in automatically.

AFAIK, Cognito does not support this. I haven’t check recently. But if somebody else has looked into it, hopefully they can chime in.