Reset customer passwords

Customers usually reset their passwords from the storefront by clicking Forgot Your Password?. However, the store administrator can initiate either a password reset or a forced sign-in from the Admin.

| Function | Description |
| --- | --- |
| Reset Password | A password reset email is sent directly to the customer’s email account. The store administrator cannot gain access to the customer’s password. |
| Force Sign In | Revokes the OAuth access tokens that are associated with the customer account. This can be used only with customer accounts that have been assigned OAuth tokens, as part of a Web API integration. To learn more, see OAuth-based authentication in the developer documentation. |

Standard customer accounts created from the storefront or from the Admin do not have OAuth tokens.

Reset a password from the storefront

  1. On the login page, the customer clicks Forgot Your Password?.

  2. When prompted, the customer enters the Email Address that is associated with their account and clicks Reset My Password.

    INFO
    If the entered email address matches the one that is associated with the account, the customer receives a Password Reset Confirmation email with a link to reset their password.
  3. When the email arrives, the customer clicks the reset password link and enters their New Password when prompted.

  4. The customer enters it again to confirm and clicks Reset Password.

    IMPORTANT
    The new password must be six or more characters in length without spaces. When they receive confirmation that the password is updated, they can use the new password to sign in to their account. By default, the reset password link is valid for 24 hours.

Reset a password from the Admin

  1. On the Admin sidebar, go to Customers > All Customers.

  2. Find the customer account in the grid and click Edit in the Action column.

  3. In the set of options across the top of the page, click Reset Password.

    The number of password reset requests that are allowed within an hour is set in the configuration topic.
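
The rules stated above (a reset link valid for 24 hours, a cap on reset requests per hour, a new password of six or more characters without spaces) can be modelled in a few lines. This is an added illustration, not Adobe Commerce code: the class and method names, the cap of 5, the uniform response message, and the single-use hashed token are assumptions of the model.

```python
import hashlib
import secrets
import time

LINK_TTL = 24 * 3600        # page: reset link is valid for 24 hours by default
MAX_REQUESTS_PER_HOUR = 5   # assumed value; the page only says the cap is configurable
MIN_LENGTH = 6              # page: six or more characters, no spaces


class ResetService:
    """Hypothetical in-memory model of the reset flow (not the product's code)."""

    def __init__(self, accounts):
        self.accounts = set(accounts)   # known email addresses
        self.requests = {}              # email -> timestamps of recent requests
        self.tokens = {}                # sha256(token) -> (email, expiry time)
        self.outbox = []                # (email, token) pairs "sent" by mail

    def request_reset(self, email, now=None):
        now = time.time() if now is None else now
        recent = [t for t in self.requests.get(email, []) if now - t < 3600]
        if len(recent) < MAX_REQUESTS_PER_HOUR:
            recent.append(now)
            if email in self.accounts:  # mail goes out only on a match
                token = secrets.token_urlsafe(32)
                digest = hashlib.sha256(token.encode()).hexdigest()
                self.tokens[digest] = (email, now + LINK_TTL)
                self.outbox.append((email, token))
        self.requests[email] = recent
        # Assumption: same answer for known, unknown and throttled addresses,
        # so the form does not reveal which emails have accounts.
        return "If an account exists for this address, a reset email was sent."

    def reset_password(self, token, new_password, now=None):
        now = time.time() if now is None else now
        digest = hashlib.sha256(token.encode()).hexdigest()
        entry = self.tokens.get(digest)
        if entry is None or now > entry[1]:
            self.tokens.pop(digest, None)
            return False                # unknown, already used or expired link
        if len(new_password) < MIN_LENGTH or " " in new_password:
            return False                # rejected; link stays valid for a retry
        del self.tokens[digest]         # assumption: a link works only once
        return True
```

Only a hash of each token is stored, so a read of the token table does not yield usable reset links.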

Revoke a customer’s OAuth tokens

IMPORTANT
Do not proceed unless you have a full understanding of API Authentication.
  1. On the Admin sidebar, go to Customers > All Customers.

  2. Find the customer account in the grid and click Edit in the Action column.

  3. In the set of options across the top of the page, click Force Sign In.

  4. When prompted to confirm, click OK.
