Forgot Username

🎯 Purpose

Provides users with a secure method to retrieve their username when they cannot remember the identifier needed for authentication. This self-service capability reduces support burden while maintaining security.

📍 Access Point

Location: Login screen of REL-ID Web Authentication Portal
Link Text: "Forgot Username" link prominently displayed
User Context: Available when user cannot remember their login identifier

🔄 Username Recovery Process

🖥️ Initial Screen Presentation

Screen Title: "Forgot Username" clearly displayed
Input Options: User can provide either registered mobile number OR email address
Flexibility: System accepts either communication channel for username retrieval
User Guidance: Clear instructions on what information to provide

📊 Username Recovery Interface

📋 Recovery Information Processing

🔍 Information Validation

Format Check: System validates email format or mobile number format
Database Lookup: System searches for associated username(s)
Privacy Protection: Same response regardless of whether information exists
Security Measure: Prevents username enumeration attacks

📊 Lookup Results Processing

Input Status	System Behavior	User Experience
Valid, Found	Send username(s) to contact method	Success screen shown
Valid, Not Found	No action taken	Success screen shown
Invalid Format	Format error	Error message with guidance

📨 Username Delivery Process

📧 Email Delivery

Email Content: Professional email containing username(s)
Multiple Usernames: All associated usernames included if multiple exist
Delivery Channel: Sent to registered email address
Security: Email sent via secure, authenticated channels

📲 SMS Delivery

SMS Content: Text message with username information
Character Limit: Optimized for SMS length constraints
Delivery Channel: Sent to registered mobile number
Format: Clear, easy-to-read format

✅ Success Screen Presentation

🎉 Universal Success Response

Regardless of whether the provided information was found in the system, users always see a success screen to prevent information disclosure.

📱 Success Screen Content

🛡️ Security Features

🔒 Information Disclosure Prevention

Consistent Response: Same success message whether user exists or not
Enumeration Protection: Prevents attackers from discovering valid usernames
Privacy Preservation: User existence not revealed to unauthorized parties
Security Balance: Maintains security while providing user assistance

📊 Privacy Protection Measures

Security Aspect	Implementation	User Benefit
Response Consistency	Same success screen always shown	Prevents account enumeration
Delivery Confirmation	No indication if delivery succeeded	Protects user privacy
Information Limiting	Only username sent, no other details	Minimizes information exposure
Support Integration	Contact information provided	Alternative help available

🎯 User Experience Considerations

📱 Communication Channel Flexibility

Multiple Options: Email OR mobile number accepted
User Choice: Users can use their preferred communication method
Accessibility: Accommodates users with different contact preferences
Reliability: Multiple channels increase delivery success rate

🔄 Post-Recovery Actions

Login Guidance: Clear instructions on using retrieved username
Authentication Preparation: Users guided to authentication process
Support Resources: Contact information for additional assistance
Recovery Completion: Users can immediately use retrieved username

⚠️ Important Behavioral Notes

🔐 Security-First Design

No User Confirmation: System never confirms if user exists
Consistent Timing: Response time consistent regardless of lookup result
Error Minimization: Generic success responses prevent information leakage
Support Integration: Clear escalation path for legitimate users

📞 Support Integration

Contact Information: Customer support details prominently displayed
Customizable Message: Deployment can add specific support phone numbers
Alternative Help: Users have clear path for additional assistance
Professional Support: Human assistance available for complex cases