Q303687: PRB: Duplicate Email When User Does Not Complete Password Change
Article: Q303687
Product(s): Microsoft Developer Network
Version(s): 2.0
Operating System(s):
Keyword(s):
Last Modified: 29-JUN-2002
-------------------------------------------------------------------------------
The information in this article applies to:
- Microsoft Passport, version 2.0
-------------------------------------------------------------------------------
SYMPTOMS
========
When the user does not respond to a password change e-mail message in a specific
period of time, the user may receive redundant notification e-mail messages.
STATUS
======
This behavior is by design.
MORE INFORMATION
================
Steps to Reproduce the Behavior
-------------------------------
1. From the Microsoft .NET Passport Web site, the user initiates a password
change by e-mail, and then waits for the e-mail message to be delivered.
2. When the user receives the e-mail message from Passport, the user opens the
e-mail message, and then clicks the link to create the new password.
3. The user waits for the page with the Please type in your new password dialog
box to open in a browser window.
4. The user does not complete the password change operation, and closes the
browser window.
5. The user waits less than 2 hours.
6. A second copy of the password change e-mail message is delivered.
7. The user waits 24 hours.
8. Note that a third copy of the password change e-mail message is delivered to
the user.
Expected result: No e-mail message is delivered in step 6.
If the user clicks the link in the e-mail message to create a new password, one
of two things may occur that prevents the password change: either the system had
a problem, or the user did not complete the transaction within 120 minutes.
- The system may have had a problem and did not complete processing the
response (or both). If the user clicks the link in the e-mail message to
create a new password, and the system has a problem, Passport does not detect
this error and does not resend the e-mail message. The resend logic detects
if the user has not clicked the link to create a new password, but does not
detect if the system has a problem. The user can use the original mail from
Passport to try the process again.
- If the user clicks the link to create a new password and then does not
complete the process within 120 minutes, as is described in the "Steps to
Reproduce the Behavior" section of this article, the resend logic assumes
that you have not clicked the link to create a new password and resends the
e-mail message based on the resend period and retry limit that is defined in
the Passport template table.
The daemon has no way to detect which case has actually occurred when it receives
TransTypeID of 31 to 40. The worst case (first scenario) is assumed.
Additional query words:
======================================================================
Keywords :
Technology : kbMSNSearch kbPassport200 kbPassportSearch
Version : :2.0
Issue type : kbprb
=============================================================================
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.
Copyright Microsoft Corporation 1986-2002.