Resetting Your Password
If you have forgotten your password, you can reset it using your email address.
Steps
1. Request a Reset
- Go to the login page
- Click Forgot Password
- Enter the email address associated with your account
- Click Send Reset Link
You will see a confirmation message regardless of whether the email exists in the system (this is a security measure to prevent account enumeration).
2. Check Your Email
Look for an email from ApprovIQ with the subject "Reset Your Password" (or similar):
- The email contains a reset link
- The link is valid for 24 hours
- The link can only be used once
If you do not see the email:
- Check your spam/junk folder
- Ensure you entered the correct email address
- Wait a few minutes — emails are processed asynchronously
3. Set a New Password
- Click the reset link in the email
- Enter your new password
- Click Reset Password
4. Sign In
After resetting your password:
- All existing sessions are invalidated (you will be signed out everywhere)
- Sign in with your email and new password
Security Details
The password reset process is designed with security in mind:
| Feature | Detail |
|---|---|
| Token security | Reset tokens are cryptographically secure random strings |
| Single use | Each token can only be used once, then it is deleted |
| Expiry | Tokens expire after 24 hours |
| Session invalidation | All existing sessions are cleared when a password is reset |
| Rate limiting | Password reset requests are limited to 5 per hour to prevent abuse |
| No email disclosure | The system does not reveal whether an email address is registered |
Troubleshooting
| Issue | Solution |
|---|---|
| Did not receive email | Check spam folder, verify email address, wait a few minutes |
| Link expired | Request a new reset link — tokens expire after 24 hours |
| Link already used | Request a new reset link — tokens are single-use |
| Still cannot sign in | Contact support for assistance |