Password Reset

Reset your password if you have forgotten it or want to change it for security.

Time to complete: 3-5 minutes

When You Need to Reset Your Password

Common reasons to reset:

• Forgot your password
• Security concern (account compromised)
• Regular password rotation
• Want a stronger password

This guide covers both scenarios:

1. Forgot password (not logged in)
2. Change password (logged in)

How Authentication Works on Loclie

Loclie uses Clerk for authentication. This means password management, password reset, and sign-in are all handled through Clerk's secure interface. You will see Clerk's sign-in form when you log in or reset your password.

Resetting a Forgotten Password

Step-by-step:

1. Go to the Sign-In Page

   • Visit the Loclie sign-in page at /auth/login
   • Or click "Sign In" from any page

2. Click "Forgot password?"

   • On the Clerk sign-in form, look for the "Forgot password?" link
   • This initiates Clerk's password reset flow

3. Enter Your Email

   • Type the email address you registered with
   • Clerk will send you a verification code or reset link

4. Check Your Email

   • Look for an email from Clerk
   • Check your spam/junk folder if not received within a few minutes

5. Follow the Reset Instructions

   • Follow the prompts in the email to verify your identity
   • You may be asked to enter a verification code

6. Create a New Password

   • Enter your new password
   • Clerk will enforce its password requirements

7. Success!

   • Your password is updated
   • You can now sign in with your new password

Changing Your Password (While Logged In)

From the Settings Page

1. Go to your Dashboard and click "Settings" (or navigate to /dashboard/settings)
2. In the Security section, click "Change Password"
3. This links to /auth/reset-password
4. Follow the Clerk prompts to update your password

Password Security Best Practices

Creating Strong Passwords

DO:

Use a password manager

• Generates random passwords
• Stores securely
• Auto-fills on login
• Recommended: 1Password, Bitwarden, LastPass

Make it long

• 12-16 characters ideal
• Longer = harder to crack

Use unique passwords

• Never reuse passwords
• Each account gets a unique password

Use passphrases

• Example: "Coffee!Sunrise@Beach2024"
• Easier to remember
• Still very secure

DON'T:

Don't use personal information

• No birthdays (1985, May5)
• No names (John, Smith)
• No addresses (123Main)
• No phone numbers

Don't use common passwords

• "password123" - Never use
• "123456" - Cracked instantly
• "qwerty" - Keyboard patterns

Don't share your password

• Not with friends
• Not with family
• Not with support (they will never ask)
• Not via email or text

Don't write it down

• Avoid sticky notes
• Don't save in plain text files
• Use a password manager instead

Don't reuse passwords

• If one site is breached, all accounts are at risk
• Use a unique password for each account

Recognizing Password Scams

Loclie will NEVER:

• Ask for your password via email
• Ask for your password via text
• Ask for your password via phone call
• Ask for your password on social media
• Send unsolicited password reset emails

If you receive:

• Email asking for password - DELETE IT (it is a scam)
• Unexpected reset email - Check account activity
• Phone call asking for password - HANG UP (it is a scam)

Legitimate password reset:

• Only happens after YOU request it
• Goes through Clerk's secure interface
• Never asks you to email your password back

Password Reset Email Not Received

Troubleshooting Steps

Check these first:

1. Wait a Few Minutes

   • Can take 1-5 minutes to arrive
   • Don't request multiple times immediately
   • Check every minute for 5 minutes

2. Check Spam/Junk Folder

   • Email might be filtered
   • Look for emails from Clerk
   • Mark as "Not Spam" if found

3. Check Email Address

   • Verify you entered the correct email
   • Must match the email you registered with
   • Typos prevent delivery

4. Check Email Filters/Rules

   • Might be auto-filtered
   • Check all folders
   • Disable filters temporarily

5. Try Again

   • Request a new reset
   • Only after waiting 5 minutes
   • Check spam folder again

Still not received after 10 minutes?

Contact support:

• Email: support@loclie.com.au
• Include:
  • Your email address
  • "Password reset email not received"
  • When you requested the reset
  • Whether you checked your spam folder
• Support will help within 24 hours

After Resetting Your Password

Immediate Actions

Right after password reset:

1. Update Saved Passwords

   • Browser password manager
   • Third-party password manager
   • Any saved passwords

2. Re-login on Other Devices

   • You may be logged out of other devices
   • Log back in with your new password
   • Mobile, tablet, other computers

3. Review Account Activity

   • Check for suspicious activity
   • Report anything unfamiliar

If Password Reset Was Unexpected

You didn't request a password reset but received an email?

Immediate steps:

1. Don't click the link (might be phishing)

2. Go directly to Loclie

   • Type the Loclie URL in your browser
   • Don't use the link in the email
   • Sign in normally

3. Change Password Immediately

   • Use a strong, unique password
   • Different from any other accounts

4. Contact Support

   • Report suspicious activity
   • Support can investigate

Frequently Asked Questions

How often should I change my password?

Recommended:

• Immediately if there is a security concern
• Otherwise, a strong unique password does not need frequent changes

Modern security guidance:

• Strong, unique passwords don't need frequent changes
• Focus on password strength over rotation
• Only change when a security incident occurs

What if I forget my new password immediately?

Don't panic:

1. Try your password manager

   • Might have auto-saved
   • Check browser or third-party manager

2. Reset again

   • Use the "Forgot Password" flow from the sign-in page
   • Create a new password
   • Set up a password manager so this doesn't happen again

Can support see my password?

Absolutely not.

Password security:

• Passwords are encrypted (hashed)
• Even Loclie staff cannot see passwords
• No one can "look up" your password

If you forget:

• Only option is the password reset flow
• Support cannot tell you your password
• They can only help with the reset process

Will I be logged out after changing my password?

Typically yes, from other devices.

What happens:

• You stay logged in on the device where you changed the password
• You may be logged out of other devices/sessions

Just re-login:

• Use your new password on those devices
• You will stay logged in again

Troubleshooting

"Current password is incorrect" When Changing Password

Possible causes:

1. Typed password wrong
2. Caps Lock is on
3. Using an old password
4. Browser auto-filled the wrong password

Fix:

1. Check Caps Lock - Turn off if on
2. Type carefully - Pay attention to each character
3. Copy from password manager - If you use one
4. Try password reset - If you truly forgot your current password
5. Clear browser cache - Sometimes auto-fill is outdated

Best Practices Summary

DO:

• Use a password manager for strong, unique passwords
• Use 12+ character passwords
• Change your password after security concerns
• Log out of public/shared computers
• Review account activity regularly

DON'T:

• Share your password with anyone
• Use personal information in your password
• Reuse passwords across accounts
• Write passwords on sticky notes
• Click reset links in unexpected emails
• Use common passwords (password123, etc.)
• Ignore suspicious activity

Next Steps

Now that you know how to manage passwords:

Account Management

• Profile Settings - Manage account details
• Delete Account - If needed

Get Help

• Troubleshooting - More troubleshooting
• Contact Support - Get help

Keep your account secure with a strong password!

Need help?

• Troubleshooting
• General FAQ
• Contact Support