Password Recovery Tips That Won’t Drive Your Clients Crazy

Password Recovery Tips That Won't Drive Your Clients Crazy
  • 6 min read

When was the last time you forgot a password? Sometimes you get lucky, and it’s saved somewhere. Hopefully, you have a password management system in place. Not everybody does. If you’re like most people, you need to recover that password and set a new one. It can be time-consuming. We know a guy who waited 24 hours for WordPress to send a password recovery email. That sucked because he was in the middle of a presentation.

Password recovery can be a real pain. Multiple devices, traffic light recognition or worse, time delays, and then maybe you just keep using your dog’s birthday as your password on every platform. You may not think about the actual dollar value of a forgotten password, but you should. The cost of losing and resetting passwords is much higher than you may think.

Unraveling the Origins of Password Complexity: Where It All Began

Remember that guy? No, the other guy. The password guy. You might have to search, but back in 2003, Bill Burr, then a manager at the National Institute of Standards and Technology (NIST), came up with an 8-page document that became the password creation bible (no pun intended).

Now most of us back in 2003 were internet newbs, and Bill was put on the hot seat. “Bill! We need some password guidelines people will use into the 21st century.” The poor guy. Think of going to Frankfurt for a web conference this weekend, and then having your boss pull you into a client call the next day “because you speak German.” Mein Gott, right?

Twenty years later, we’re still being asked to set 16-character passwords that include special characters, numbers, capital letters, our mom’s maiden name, and our phone number when we were in first grade. The thinking behind this safe password creation originated from Bill’s document. And here’s the thing, when he retired, Bill said he was sorry!

Since Bill’s retirement, it’s clear to everybody that it’s not length that matters. You need to mix it up a bit. 16 characters of jumbled letters is a lot easier to hack than a smaller 8-character password made up of symbols, letters, and numbers. So, Bill, you weren’t so far off. We forgive you!

“‘Much of what I did I now regret,’ Bill Burr told The Wall Street Journal recently, admitting that his research into passwords mostly came from a white paper written in the 1980s, well before the web was even invented.”
Looking for the best WordPress hosting for your agency? Impress clients with the best performance and security for your clients to make your life easier managing your business

Don’t Let Passwords Pizza Party Away Your Agency Profits

We wrote about the frustration employees encounter when the back end of your website is running slowly. That frustration also has a dollar value. The irritation of password recovery on the job only adds to the fact that your website loads like a wet dog in the snow and that some people got bonuses while others got pizza. Don’t be that agency.

Passwords being forgotten and recovered might seem like a pimple, but just how many employees do you have? Five? One hundred? How many unique systems are they logging into each day? Probably more than 10. Are they using single sign-on?

The time spent resetting passwords costs the average business about $500 worth of productivity. That’s not in total, that’s each year, for each employee.

Think about that. If you have 10 employees, you are quite possibly losing $5000 a year in lost productivity due to password recovery. That’s a lot of pizzas.

Why Your Password Reset Process Makes Your Users Hate You

Most of us don’t go out of our way to upset clients. It’s counterproductive. That said, do you know just how much password recovery upsets your clients? Password recovery takes time. Time is money for us, but for our clients, their lost time becomes our bad service.

From really bad password recovery experiences to long-tail password creation rules, passwords can really suck, you only need to read some of the comments on Reddit. (Also sorry for the rabbit hole.)

A poor password recovery process can do more than anger clients. What starts as frustration and lost time can end up as a lost client or even a compromised infrastructure. And we’re not even talking about customers on your eCommerce site. 

Here are some common pitfalls in the password recovery process, ranked from bad to worst:

1. Unreliable methods and delays – your users feel anxious.

Waiting for codes, having unreliable options, and feeling locked out without updates create significant anxiety and helplessness for users. This can lead to a loss of trust and potential security risks possibly impacting clients or your agency.

2. Inaccessibility and complexity — your users are angry.

Hidden processes, complex menus, and irrelevant information make them feel like they’re being ignored and not valued. This can lead to negative publicity and brand image damage.

3. Lack of communication and empathy – your users feel betrayed.

Unclear instructions, unhelpful support, and a perceived lack of empathy can cause confusion and betrayal. While negative, it doesn’t directly impact security or access like the other scenarios, but it can mean losing a client.

Ranking the Client-Centric vs. Agency-Centric Concerns

It’s important to see both sides of the password recovery process. Inversely, the severity of each of the previous scenarios differs from the client’s perspective to that of your agency.

Here’s how the problem might differ for each of you:

For your clients & users — ranking the pain points

  1. Unreliable methods and delays: This has a direct impact on security and access, causing users anxiety and helplessness – especially if they are unable to work, shop, or otherwise continue with their day.
  1. Inaccessibility and complexity: This isn’t as severe since frustration and anger are emotional responses and not directly security-related. However, it can still be damaging as it hinders access and creates a negative user experience.
  1. Lack of communication and empathy: This might be perceived as less severe than the others but can still erode trust and lead to feelings of confusion and disenfranchisement. 

For your agency – ranking the pain points

  1. Lack of communication and empathy: This could be seen as the worst from your agency’s perspective. Negative sentiment, brand image damage, and potential client churn can have significant financial and reputational consequences.
  1. Inaccessibility and complexity: While frustrating for users, these issues might be seen as less directly impactful on your agency financially compared to the others. However, they can still lead to negative reviews and user service strain.
  2. Unreliable methods and delays: Although impacting security, the financial impact might be mitigated by having robust security measures in place. However, it can still damage trust and might even lead to regulatory scrutiny.

WordPress Agencies: Here Are 4 Ways You Can Streamline Password Recovery

Password recovery sounds easy enough, right? Unfortunately, it often turns into a frustrating ordeal for both clients and support teams. A lot of emails, frantic requests, and lost time. It’s an agency pain point we all know and could really do without.

Here are some password recovery tips that will soothe your clients and free up your support team’s bandwidth:

Simplify the Flow:

  • Keep the password recovery form short and sweet. Period.
  • Provide choices for password recovery, like email, SMS verification (if applicable), or security questions.
  • Use simple, non-technical language in instructions and error messages.

Boost Deliverability:

  • Configure a reliable SMTP plugin. Invest in a robust SMTP plugin to ensure emails reach their destination.

“Post SMTP offers advanced features like email logs and fallback mailing to improve the delivery of your emails.”

  • Encourage users to add your domain to their address book or whitelist to prevent emails from landing in spam folders.
  • Allow users to resend the password recovery email, with clear instructions on how long to wait.

Emphasize Security:

  • Two-factor authentication (2FA) adds an extra layer of security and prevents unauthorized access, even if someone gets ahold of the password.
  • Educate customers about creating strong, unique passwords and the importance of not reusing them across different platforms.
  • Explore emerging options like magic links or biometrics for a more secure and convenient login experience.

Remember the Human Touch:

  • Acknowledge their frustration. You’ve been there, right?
  • Keep them informed about the process and expected wait times.
  • If possible, offer assisted password recovery via support chat.

“Live chat support on your website is a superb way to convert 50/50 sales and boost customer confidence. You can set up live chat support on your website within minutes by installing the Live Chat plugin. This plugin even features chat initiation triggers and integrates with help ticketing systems.” – 26 WordPress Digital Marketing Plugins Every Marketer Needs

By implementing these tips, you can create a password recovery process that’s both user-friendly and secure. You’ll be reducing stress for your clients and staff too – that frees up your support team to focus on other crucial tasks.

Website Users: Ditch the Memory Game and Get a Password Manager

Struggling to remember passwords for countless online accounts? Do you keep losing the Post-it notes you wrote them down on? You’re not alone. You need a password manager. It’s a one-stop security solution for work or at home. With a single master password, you say goodbye to weak passwords and the hassle that password recovery brings.

Here are just some of the advantages of having a password manager:

  • Strong, Unique Passwords: Ditch “fido1234” and let the manager create secure passwords.
  • Effortless Logins: No more typing! Log in as the manager fills in your details automatically.
  • Breach Alerts: Stay ahead of hackers with notifications if your data is compromised.
  • Built-in Security Tools: Enjoy two-factor authentication without juggling extra apps.

A password manager gives you peace of mind and online security. Get a password manager today!

“​​PASSWORD MANAGERS ARE the vegetables of the internet. We know they’re good for us, but most of us are happier snacking on the password equivalent of junk food.”


A smooth password recovery experience not only enhances customer satisfaction but also reflects positively on your agency’s professionalism and efficiency. So, let’s tame the password recovery beast together and create a win-win for everyone!

We’d Love to Show You What The Fastest WordPress Hosting Actually Means for Your Agency!

Grow your agency with lightning-fast, secure, and optimized websites that are easy to set up & manage. Top-tier agencies and online businesses choose as their trusted managed WordPress hosting provider – why shouldn’t you, too?

New call-to-action