Current behavior of password reset in connection cloud is as follows:
- User doesn't have authorization recover/reset password by themselves.
- User has to inform to company administrator to reset password and administrator will inform new password to end user.
- User login with new password and change it to new one as per him/her. This will lead to security concerns as there is a chance for company administrator check end user mails.
What is required in "Connections Cloud" is something the way google password reset works. Where end user can send password reset information to his another email address OR to his mobile number and after that he can reset the password himself without the administrator involvement. This will reduce the job of company administrator and also avoid security risks for end users.