What do we need to know about resetting a contact password?

Environment:

Contact Passwords in Oracle B2C Service

Resolution:

Oracle B2C Service encrypts contact passwords and provides password management options for improved security.  Passwords are stored using PCI-compliant encryption methods.

Agents do not have visibility to customer passwords in their workspace - a ribbon toolbar button will be available. By clicking this button, the old contact password will be invalidated and a password reset email will be sent to the contact’s primary email address.

When creating new contact records, agents must create the record and save it, then select the Reset Password button to provide the contact with a link for setting their password.  Customers using pass-through authentication (PTA) will need to use the Data Import Wizard, XML-API, or Oracle B2C Service Connect to update contact passwords.   Please refer to Answer ID 2427: Importing records using the Data Import Wizard for more information.

Contacts who create an account via email receive an automated message providing them with a link to "Finish Account Creation".

Related transaction types are available from the Audit Log in the contact workspace which note when and by whom passwords were changed: Password Changed, Password Reset by Customer, and Password Reset by Administrator.

Additionally, end-users who require assistance with their username or password will access the Account Assistance page: