Password Reset and Account Recovery Procedures
Account access issues are among the most time-sensitive concerns customers face. When customers cannot log in to their Niceazda accounts, they may miss limited-time promotions, be unable to track orders, or lose access to their purchase history and saved payment methods. This SOP provides comprehensive procedures for helping customers regain account access quickly and securely.
Understanding Account Access Methods
Niceazda supports multiple authentication methods, and understanding these helps agents identify the appropriate recovery path.
Login Methods Supported
| Method | Description | Recovery Approach |
|---|---|---|
| Email and Password | Traditional login with email address | Password reset via email |
| Phone and Password | Login with mobile number | Password reset via SMS |
| Phone OTP | Passwordless login via SMS code | Verify phone access |
| Social Login | Google, Facebook, or Apple sign-in | Recover through social provider |
| Biometric | Fingerprint or face recognition on app | Fall back to password or OTP |
Standard Password Reset Process
The majority of account access issues can be resolved through the self-service password reset flow. Guide customers through this process before attempting manual intervention.
Step 1: Initiate Password Reset
Direct the customer to the login page and locate the Forgot Password link. They will need to enter either their registered email address or phone number depending on their account setup. Confirm they are entering the correct contact information associated with their Niceazda account.
Step 2: Verification Code Delivery
After submitting the reset request, a verification code will be sent to the registered email or phone. Inform the customer to check their inbox including spam or junk folders for email, or wait for the SMS to arrive. Codes are typically valid for 10 to 15 minutes.
Step 3: Complete Password Reset
Once the customer receives the code, they enter it on the verification page and create a new password. Password requirements typically include minimum eight characters, at least one uppercase letter, at least one number, and no spaces or special restrictions on certain characters. Advise customers to use a unique password not used on other websites.
Troubleshooting Reset Code Issues
Customers frequently report not receiving their verification codes. Troubleshoot systematically before escalating.
Email Verification Code Not Received
When customers report not receiving email codes, guide them through these checks:
- Verify the email address entered matches exactly what is on file including spelling and domain
- Check spam, junk, and promotions folders thoroughly
- Search inbox for sender address associated with Niceazda notifications
- Confirm no email filters are blocking messages from our domain
- Try requesting a new code after waiting the required interval
- Check if email provider has known delays or outages
SMS Verification Code Not Received
For SMS code issues, check the following:
- Confirm phone number is correct including country code
- Verify the phone has active service and can receive SMS
- Check if message inbox is full
- Ensure the phone is not blocking unknown senders
- Try requesting a new code via voice call option if available
- Check if there are carrier-level blocks on short codes
System-Side Verification
If customer-side troubleshooting does not resolve the issue, verify in the system that the account exists with the contact information provided, recent reset requests are logged and codes were generated, there are no account restrictions preventing code delivery, and the contact information is verified and active on the account.
Account Recovery When Contact Information Is Inaccessible
More complex situations arise when customers can no longer access their registered email or phone number.
Assessing the Situation
Determine why the customer cannot access their registered contact information:
- Email account was closed or hacked
- Phone number was changed or lost
- Customer does not remember which email or phone was used
- Contact information belongs to someone else such as a former partner or employer
Identity Verification Requirements
When standard reset methods are unavailable, additional verification is required to protect account security. The customer must prove they are the legitimate account owner through alternative means:
- Recent order numbers and details including delivery addresses
- Saved payment method information such as last four digits of card
- Account creation date if known
- Previous delivery addresses on record
- Government-issued identification matching account name
Account Recovery Request Process
For customers requiring manual account recovery, collect all available verification information listed above. Explain that for security, the request will be reviewed by the Account Security team. Processing typically takes 24 to 48 hours. Provide a case reference number and expected timeline. The customer will be contacted with next steps or additional verification requirements.
Social Login Issues
Customers using social login may face unique challenges when their social account is compromised or they want to disconnect it.
Cannot Access Social Account
If a customer used Google, Facebook, or Apple sign-in and can no longer access that social account, they must first attempt recovery through the social platform directly. Niceazda cannot reset passwords for third-party services. If they permanently lose access to the social account, initiate an account recovery request to link a new login method to their Niceazda account.
Linking Alternative Login Method
Once a customer regains account access, encourage them to add a backup login method. They can add both email and phone as login options in account settings. This provides redundancy if one method becomes unavailable in the future.
Security Considerations
Account recovery processes balance customer convenience with security. Never compromise security to speed up recovery.
Red Flags Requiring Caution
Be alert to potential account takeover attempts:
- Caller cannot verify any account details beyond basic information
- Urgency to change contact information immediately
- Story involves recently acquiring the phone number or email from someone else
- Requests to bypass verification steps
- Account shows recent suspicious activity
When to Deny or Escalate
Do not proceed with account recovery if verification is insufficient. Politely explain that you cannot verify account ownership with the information provided and additional documentation is required. Escalate to the Account Security team any requests that seem suspicious or do not meet verification thresholds. It is better to delay legitimate recovery than to enable account theft.
Post-Recovery Recommendations
After helping a customer regain account access, provide these security recommendations:
- Review recent account activity for any unauthorized orders or changes
- Update password to something unique and strong
- Verify and update contact information
- Enable two-factor authentication if available
- Review saved payment methods and remove any unrecognized ones
- Check delivery addresses and remove any unknown addresses
Documentation Requirements
Document all account recovery interactions thoroughly. Record the verification methods used, any documentation provided, and the outcome. This documentation protects both the customer and Niceazda in case of future disputes about account ownership or unauthorized access claims.