User Testing - Task Definition for Login / Forgot password


Hello UX masters!

The iOs app that we are building is going to be prototype tested soon in the usability lab and one of the flows we want to test is the forgot password flow to see if users can easily find and use the flow which in the companies case is a bit more complicated then for most other systems.
The questions arises for me how to define and write the user task for this test, is it necessary to inform the user that he/she has forgotten the password and that he/she should use the app to retrieve the username/password or would it be more realistic to brief the user that he/she hasnt used the service for over a year and that probably the username/password is xx/yy, so to give fuzzy information and to have the user fail to login and figure out autonomously how to advance from there.

The dilemma is, if the user is informed explicitly about the lack of password knowledge he is too determined to find the help/retrieve button. On the other hand the user might be confused in the test situation if the provided password is not accepted.

What are your thoughts on this?

Much appreciated,


Do you need them to use a real email?
I might give them a task of retrieve your lost password. And watch them do it.
I agree that not working password may confuse them, but I had some users who actually went to help pages and watched a video when they are stuck; some are inquisitive, some just leave the task. Just like in real world.


Thinking a bit more about this, what I mentioned before is may be too much on the explicit side. But if someone have to login and password is wrong they will explicitly look for retrieving the password option.
Though another way of creating a task might be as giving them a scenario, where they have to enter the system even if password is not accepted. I can see people’s looks on their faces like “you want me to hack it?” :slight_smile:
Or if moderated rather than remote testing, if they do not go for the options after entering wrong password couple of times, as a moderator you can interrupt by reminding, what would they do in this situation, to drive them forward. But I would look how easy they find the option, and I think what is important is how they feel about the steps after.


There is another slightly different way of doing this but not really sure how ethical / technically possible this would be for you…

You could take a real-life user of the system, someone who has already signed up, knows their password etc. Invite them in to do some testing, but without their knowledge, change their password. When they arrive ask them to login to their account and see what they do. (At the end you can let them know that you reset their password as part of the test so they don’t think they’ve gone mad or been hacked!)

Anybody else have thoughts on this approach?


Sounds like a practical and pragmatic approach! I like it.