Young hacker smiling

We hack your software

zero false positives

Expert intelligence + specialized technology

REQ.126 Set password restoring mechanism

This document contains the details of the security requirements related to the definition and management of access credentials in the organization. This requirement establishes the importance of defining a mechanism to securely retrieve or restore users passwords.


The system must provide a mechanism to retrieve or restore users password.


  1. OWASP-ASVS v3.1-2.8 Verify all identity functions (e.g. forgot password, change password, change email, manage 2FA token, etc.) have the security controls, as the primary authentication mechanism (e.g. login form).

Service status - Terms of Use