Configure Password Options for Customers in Magento

Password is a vital part of the process of creating a new customer account in Magento. It keeps their data secured within their accounts and provides access to important information about orders, invoices, refunds, reward programs, etc.

Magento 2 provides multiple options for customer account password configuration. These include the reset password link, forgot/remind email template, maximum login failures to lock the account, the number of characters that make up a password, and much more.

So, in this article, you'll learn how to configure password options for customers in Magento 2 to ensure convenient password recovery.

To configure password options in Magento:

1. Go to Stores > Configuration > Customers > Customer Configuration > Password Options.

2. Choose the way for checking password reset requests in the Password Reset Protection Type field. Here you have four possible options:

  • By IP and Email;
  • By IP;
  • By Email;
  • None.

3. Set the Maximum Number of Password Reset Requests. Enter 0 here if you want to disable this option.

4. Specify the Minimum Time Between Password Reset Requests. For this option to be disabled, use 0. 

Customer Account Password Options Configuration

5.  Choose email templates for the following:

  • Forgot Email Template, which is used for customers who have forgotten their account passwords.
  • Remind Email Template, used to send a hint to reset a customer's password. 
  • Reset Password Template, which is sent to customers when they reset their passwords 

Note: Magento offers you these templates by default, but you can customize Magento email templates to suit your needs.

6. Password Template Email Sender, specifies a store worker whose name will appear in the emails, listed above. 

Forgot Password Options Magento

7. Specify the number of hours for the Recovery Link Expiration Period. The minimum number is 1.

8. Choose whether to Enable Autocomplete on login/forgot password forms.

9. Fill in the Number of Required Character Classes, that have to be used by the customer while creating an account password. Those include lowercase and uppercase letters, digits, and special characters. 

10. Add the number of failed attempts, needed to block the customer's account in the Maximum Login Failures to Lockout Account field. 

11. Specify the Maximum Password Length, the default value is 8, but you can enter a different number from 1 onwards. 

12. Enter the time after which the account can be unlocked in the Lockout Time (minutes) field. 

Password recovery settings magento

Don't forget to press the Save Config button and go check the configured settings yourself.

These are all steps you need to configure customer account password options in Magento. The whole process won't take more than a few minutes. But you should then proceed with other sections of the Magento customer account configuration.