This section is non-normative.
Client-side password management software helps improve both the security and usability of websites which require authentication. It improves security by reducing cross-site password reuse, and enhances usability by providing autofill functionality.
Sites currently lack a way to programmatically advertise where a user can change their password. By proposing a well-known URL for changing passwords, this specification enables password managers to help users change their passwords on sites which support it.
This specification depends on the Infra Standard. [INFRA]
This specification uses terminology from the Fetch, HTML, HTTP, and URL standards. [FETCH] [HTML] [HTTP-SEMANTICS] [URL]
3. Change Password URLs
A change password url of an origin is a URL that points to a resource that clients can use to discover where a user should go to update their password on origin.
Given an origin, clients generate a change password url by running these steps:
If origin is not a potentially trustworthy origin, return failure.
Assert: origin is a tuple origin.
Let url be a new
URLwith values set as follows:
« ".well-known", "change-password" ».
The change password url for origin
Servers should redirect HTTP requests for an origin’s change password url to the actual page on which users may change their password by returning a response with a redirect status of 302, 303, or 307, and a Location header. [FETCH] [HTTP-SEMANTICS] Clients must handle such redirects when requesting a change password url.
Note: The above paragraph restricts servers to using temporary redirect codes. See Issue 13.
If necessary, servers may respond with an HTML document containing an
http-equiv pragma directive in the refresh state. [HTML] Clients should handle such redirects when requesting a change password url.
Servers must not locate the actual change password page at the change password url, per RFC8615 §1.1 Appropriate Use of Well-Known URIs. Clients must handle ok status responses when requesting a change password url.
Note: Implementations might want to use ToUnicode when displaying change password urls. [IDNA]
Make use of test the reliability of an origin’s response status codes from [RESPONSE-CODE-RELIABILITY].
4. IANA considerations
change-password well-known URI
This document defines the “
This registration will be submitted to the IESG for review, approval, and registration with IANA using the template defined in [WELL-KNOWN] as follows:
- URI suffix
- Change controller
- Specification document(s)
This document is the relevant specification. (See § 3 Change Password URLs)
- Related information:
Thanks to Anne van Kesteren, Cl1608Ho, Dan Bernstein, David Singer, Dean Jackson, Florian Rivoal, John Wilander, Maciej Stachowiak, Mark Nottingham, Mike West, and Ricky Mondello for their feedback on this proposal. All of its features are theirs and all of its bugs are mine.