If a user forgets their password they may be able to reset their own password. The user must have stored a back-up email or mobile phone number to do this, in order to receive a security code.
Users should click on the Forgot your password? link on the log in page and enter their email address. If the email address is for a valid account, an email will be sent with instructions. This will contain a unique password reset link that expires after 10 minutes. A security code will also be sent to the user’s back-up email or mobile number which is needed on the password reset page.
If the user has not stored a back-up email or mobile phone number, they should contact the trial manager or other holder of an administrator account. Administrators can reset a user’s password on the user account details screen. This sends out an email to the account holder with a special link to reset their password. The link is valid for 2 hours. A security code is not required by the user to change their password.
Administrators are advised to verify the identity of users requesting a password reset in this way.
Requests for password resets made by investigators to Sealed Envelope will be referred to the trial manager since Sealed Envelope has no way of authenticating the validity of such requests.
Once a user successfully changes their password, an email is sent to them informing them of the change. Unexpected password changes should be investigated without delay in case an account has been compromised. Contact Sealed Envelope for assistance if required.