10 golden rules of password reset email templates

We’ve all misplaced our house keys and know that sudden feeling of panic as we retrace our steps. Forgetting a password is like losing a key. Thankfully, people can quickly request a “spare key” in the form of a password reset email—and you don’t need to stress or pay a locksmith!

Restoring an account, however, requires a balancing act between password security measures and usability. Just like you wouldn’t place a spare key under the doormat, a password reset email shouldn’t make it too easy for an unauthorized person to take over an account. 

And at the same time, a password reset email is a positive customer interaction that you want to get the most out of. These 10 best practices will help you create a password reset email that safeguards the account while delivering a great customer experience.

What is a password reset email?

A password reset email is a transactional email that is triggered when customers click on a “Forgot password?” link. For example, here’s the login screen and password reset request for Airtable, a low-code platform for building collaborative apps.

Like Airtable’s version below, a password reset confirmation email contains a password reset link. Clicking on the link brings up a password reset page where the customer is prompted to enter a new password, completing the account recovery process.

Email is the best way to reset a user’s password because it’s frictionless—customers find it quick and easy to type in a unique email address that they remember. It’s also secure because only the owner of the email address should have access to the inbox.

Why password reset emails are important

All online accounts need a password to authenticate their owners. Despite the routine and highly transactional nature of password reset emails, they also play an important role in the customer experience. 

When your reset email restores account access, it’s a feel-good moment that builds trust as a reliable partner. On the other side of the coin, people will grow frustrated if the reset process is clunky. Customers that can’t access their account won’t stick around for long!

Keeping the account secure

Your customers need to be reassured that you are handling their personal data with care and that you will only give access to the rightful account owner. Any data breach will bring unwanted publicity to your business that you may not recover from.

For example, ASOS, a popular online clothing and accessories retailer, dedicates their entire password reset email to secure password best practices and keeping your user account safe! 💪

Creating a positive customer experience

A password reset is one of the most common customer touchpoints. While your email marketing campaigns help kickstart the customer journey, transactional emails like password resets are critical in keeping the relationship going.

Check out how Decathlon, the largest sporting goods retailer in the world, sends a simple but warm password reset email. They remind people to go back to what they were doing before they requested help—to continue shopping!

Elements of a password reset email

Password resets happen every second of every day. Most customers know what to expect in a password reset email and are familiar with the password recovery drill. This isn’t the time to think out of the box or do something overly creative!

The ideal password reset email should contain the following elements:

1. A “From” name and a password reset subject line

2. A business logo and on-brand email design

3. An explanation why the password email was sent

4. A link or button to reset the password

5. An expiration time for the password link

6. How to contact support for further questions

This Book Depository email is an excellent example:

10 best practices for password reset emails

1. Land in the inbox immediately

Customers ask for a password reset because they need access at that moment. This means the faster the email arrives, the better! The password reset email below from Notion lands in the inbox almost instantly so people can get on with their work.

To land in the inbox, your email deliverability needs to be top-notch. Use a trusted email service provider that is tuned for peak performance, sending from a domain that enjoys a good reputation along with complete DKIM and SPF records for email authentication. You know, like MailerSend. 😉

2. Keep it super simple (KISS)

People expect to be on their way with a minimum of fuss. So keep your password reset email short and to the point.  See this minimalist version from CamelCamelCamel (yes that’s the name of the company) describing what happened and what they need to do next.

3. Clearly label your email

Your password reset email should have clear and identifiable headers to reassure customers that it is not a phishing email. Use a meaningful subject line and ditch the no-reply address for a real email that recipients can reply to!

Grain, an online delivery service, ticks all the right boxes here. There is no question that this email was sent from them. Their subject line is clear, their logo is displayed prominently in the inbox, and there’s a real email address to reply to! 👏

4. Use one main CTA

The best password reset emails show a single CTA button or link. There shouldn’t be any other CTAs that may confuse customers or distract them from their goal. Add a copyable reset URL, like Etsy, just in case people are unable to click through to the browser.

5. Always send a follow-up email

Is the person resetting their password really who they are? To keep hackers in the dark, neither confirm nor deny the existence of an account at the reset password page. Look at this example from 15Five.

What if an account doesn’t exist? Or if customers used a different email? Don’t leave customers facing a wall of silence. Like REI.com, seize this opportunity by sending them an email to explain what is happening and hopefully convert them into happy customers!

6. Show your brand personality

Password reset emails serve an important functional purpose, but that doesn’t mean they have to be boring! Remember, these transactional emails enjoy a 100% open rate because people have to open them. Take this opportunity to showcase your brand voice and remind people why they like you.

Society6 uses their password reset email to maximum effect. Not only is their design nice, they include an empathetic message about remembering your password and fit in their brand tagline as well. All while still providing the necessary information to reset your password.

7. Keep marketing to a minimum

While marketing and transactional emails should always be distinct from one another, you can sometimes include value-driven content to your customers. Evernote, a note-taking app, cleverly drops a reminder that they sync across many devices.

8. Send both HTML and text emails

Sending both an HTML and plain text email, like what Airbnb does below, will ensure the widest possible reach for your customers. Plus, you’ll improve your delivery rate as well because spam filters tend to see HTML-only emails as a red flag. 

HTML version

Plain text version

9. Include a way to help

Your password reset email should reassure customers that they can opt to do nothing if they didn’t request the password change. Quandoo, a restaurant reservation platform, also suggests that end users can contact customer support if they have questions.

10. Test your email regularly

It’s easy to forget about password reset emails once they’ve been designed and implemented. Remember to regularly test their functionality and deliverability. Plus, it is a good idea to update them along with changes in your brand identity and support team information.

Step-by-step: Creating a password reset email

Now it’s time to apply these best practices and create your first password reset email template using MailerSend! You first need to have a MailerSend account, a verified sending domain, and a terminal app like Postman or Insomnia.

Ok, all sorted? Let’s create the email by going to templates first.

1. Navigate to the Templates page and click on Create template.

2. Choose to use the Drag & drop editor to create your template.

3. Find the Reset password template in the gallery and click on the Choose button.

4. You can drag and drop blocks to customize the email template to match your brand identity. Go on, have fun with it!

5. Once you’re done with your template design, click on the Save and publish button.

6. You’ll be prompted to give your new template a name. 

On the same screen, you will also see a unique Template ID for your template as well as sending instructions for cURL, PHP, Laravel, Node.js, Go and Python.

7. Remember to click the Save changes button before you leave.

8. To send an email you’ll need the Template ID which you can also find on the Templates page under the template’s name.

9. Follow the sending instructions for your programming language. For example, for cURL, insert your Template ID at template_id. Add a subject under the template’s default settings or add it as a parameter within your API call.

curl -X POST \
https://api.mailersend.com/v1/email \
-H 'Content-Type: application/json' \
-H 'X-Requested-With: XMLHttpRequest' \
-H 'Authorization: Bearer {place your token here without brackets}' \
-d '{
"from": {
"email": "your@email.com"
},
"to": [
{
"email": "your@email.com"
}
],
“subject”: ”Reset your password”,
"template_id": "vywj2lpddml7oqzd"
}'

10. Check the status of your email message on the Activity page of your dashboard. All good?

Congratulations, you just sent your first password reset email using MailerSend! 🎉

Give your password reset emails a makeover today

It’s easy to overlook password reset emails and write them off as a boring, functional email. Give them a closer look, however, and you’ll be rewarded with opportunities to share your personality, build relationships and drive conversions.

How are you making your password reset emails stand out and work for you? Share in the comments below!