Password Reset Volume

Password Reset Volume (PRV) measures how often active users complete a password reset over a defined period, normalized per user per year. It is a practical way to quantify the ongoing operational tax of password based authentication, including user frustration and the support and infrastructure effort required to recover access.

We measure Password Reset Volume when a user enters account recovery after failing to authenticate or selecting forgot password. Measurement boundary: we count one reset at the moment the password is successfully changed through the recovery flow, then we normalize by active users and time.

flowchart LR
    LA((Offer Auth))
    SL((Start Login))
    FL((Failed Login))
    OR((Offer Reset))
    SR((Start Reset))
    CR((Complete Reset))
    SA((Success Auth))

    LA --> SL --> FL --> OR --> SR --> CR --> SA

    SR -. "PASSWORD RESET VOLUME" .-> CR

Get the Authentication Analytics Whitepaper

Analyze your Authentication Performance with Real Numbers

10 KPIs that connect authentication performance to revenue. Track adoption, friction & conversion impact.

Download the Authentication Analytics Whitepaper

Work email *

Name *

Company *

Job title *

Get Whitepaper

For Password Reset Volume, the unit of analysis is an active user in the period. We count each completed password reset once, even if the same user resets multiple times.

In practice, Total Password Resets is the number of completed reset events in the period, Active Users is the number of unique active users in the same period and Time Period in Years converts the period length into years.

A useful way to interpret levels is that 100% equals 1 reset per active user per year.

Include resets that complete the recovery flow and result in a new password being set, for example password_reset_completed. Exclude voluntary password changes from signed in settings, exclude test accounts, and exclude retries that do not complete. Decide whether to include agent assisted resets, then keep that rule consistent.

Define Active Users as unique users who were active in the product during the period, typically by a successful login or a meaningful authenticated session. Keep the activity definition stable so changes in tracking do not look like real resets moving.

We use Password Reset Volume to reduce avoidable recovery and the cost and friction it creates.

• Higher successful sign ins that reach the intended authenticated state, diagnose high forgetting or lockouts, reduce password reliance with passkeys or better credential storage prompts, validate with a sustained drop in resets and fewer repeat resetters
• Lower user drop off during authentication, diagnose abandonment inside reset flow, improve deliverability and link reliability, validate with fewer repeat requests from the same user within a day
• Lower support contacts caused by authentication issues, diagnose high agent assisted resets, increase self service success and clear in product guidance, validate with fewer tickets per 1,000 active users
• Better operational cost through fewer retries and interventions, diagnose high reset loops and resend storms, add rate limits with user friendly guidance and better error handling, validate with lower resets per active user and lower infra spend

• Intent and selection bias: Resets measure users who hit recovery, not all users who struggled, so product changes that hide recovery can lower the metric without improving access
• Missing telemetry: If completion events are not logged consistently across clients, the metric can drop while real resets stay flat
• Mix shifts: A surge in infrequent users can raise resets even when the experience is unchanged, segment by login frequency and tenure
• Policy driven resets: Forced rotations and security lockouts can inflate resets and can mask improvements in usability

Report Password Reset Volume weekly and monthly. Break down by reset trigger, platform, deliverability outcome, user tenure, login frequency, and passkey enabled versus not so the metric stays diagnostic instead of just descriptive.