Resetting your password

Forgot your password? The reset flow is standard — click "Forgot password", click the email link, set a new one. This article covers the details, edge cases, and the security-best-practice we recommend you adopt next.

The reset flow

1. On the login page, click Forgot password? below the password field.
2. Enter your email address. This must be the email tied to your account.
3. Click Send reset link. We email a link within seconds.
4. Open the email and click the link. It opens a reset-password page.
5. Enter a new password (min 8 characters) twice.
6. Click Reset password. You're logged out of every device and redirected to login.
7. Log in with your new password.

The email didn't arrive

• Check spam/promotions folder. Reset emails sometimes get filtered.
• Wait 5 minutes. Email delivery can be slow.
• Check you typed the right email. Typos are common and we don't reveal whether an email exists in our system (security).
• Try another email you might have used. If you've signed up with multiple, test each.
• Still nothing — open a support ticket from the login page. Include the email you think you used.

The reset link doesn't work

• Link expires after 60 minutes. If too old, click "Forgot password" again to generate a new one.
• Link already used. Each link is one-time. Generate a new one.
• Link looks truncated — some email clients wrap long URLs. Copy the entire URL (including any continuation) and paste into the browser manually.

Security note: resetting logs out all devices

When you reset your password, every existing session is invalidated. Anyone logged into your account on another device is kicked out. This is intentional — if someone else knew your old password, they don't get to keep using your account.

Password requirements

• Minimum 8 characters.
• No character-class rules (mixed case, symbols, etc.) — length matters more than complexity.
• We reject the most common passwords automatically (password, 12345678, etc.).
• Can't be identical to your current password.

Strong password tips

• Use a password manager (1Password, Bitwarden, built-in Apple/Chrome managers). This is the single biggest security upgrade you can make. Never reuse passwords across sites.
• If you're making one manually, go long — 4 random words joined is stronger than "P@ssw0rd!".
• Never use the same password anywhere else.

What if my email is compromised?

If someone has access to your email, they can trigger password resets. If you suspect your email is breached:

1. Immediately change your email password (with the email provider, not us).
2. Enable 2FA on your email.
3. Change your VisNavigans password via reset flow.
4. Review your account — Purchase History, messages, sessions — for anything unfamiliar.
5. Consider changing your email address on our side (see "Changing your email address").

Related

• "Changing your email address" — when your old email is compromised
• "Two-factor authentication" — extra layer beyond just password