OpenID Accounts

For a cloudHQ account created using Google OpenID Connect (@gmail.com or Google Workspace account) or Microsoft OpenID Connect, the “Forgot your password” option will just send an email explaining that you need to login into Google / Microsoft in order to login into cloudHQ.

OpenID Connect is an authentication protocol that allows websites to verify users’ identities without having to manage or store passwords. cloudHQ uses Google OpenID Connect or Microsoft OpenID Connect and it is leveraging these providers’ authentication services to securely authenticate users. Here is how it works:

1. User Chooses to Log In: A user visits a website that offers the option to sign in with either Google or Microsoft. The user selects their preferred provider.
2. Authentication Request: The website redirects the user’s browser to the chosen provider’s authentication service with a special request for authentication (known as an authentication request). This request specifies the type of information the website needs, such as the user’s email address and basic profile information.
3. User Grants Access: The user is then asked to sign in to their Google or Microsoft account if they are not already signed in. Once logged in, the user is required to grant permission to the website to access the requested information.
4. Tokens Exchanged: After the user’s identity is verified and consent is given, Google or Microsoft sends an ID Token and possibly an Access Token back to the website. This ID Token is a JSON Web Token (JWT) that contains identity information about the user, such as their user ID and email address.
5. Website Validates Token: The website receives the ID Token, validates it to ensure it is authentic and hasn’t been tampered with. This involves verifying the digital signature on the JWT and checking that the token was issued to the correct website (the “audience”).
6. User Logged In: Once the website has confirmed that the token is valid, the user is considered logged in. The website can then create a session for the user, providing access to their account or profile.
7. No Password Storage: Throughout this entire process, the user’s password is never seen or handled by the website. The only parties that ever see the password are the user and the Google or Microsoft authentication service. Since the password doesn’t touch the website’s server, there is no password for the website to store.

By using OpenID Connect, cloudHQ outsource the responsibility of safeguarding users’ passwords to large, established identity providers like Google and Microsoft. These providers have extensive security measures in place to protect user accounts, which can offer greater security than many individual websites could achieve on their own. Moreover, it simplifies the user experience, as users do not need to remember separate passwords for every website; they only need to remember their Google or Microsoft credentials.

Accounts created using username/password

There are times we forget passwords and that is normal. The good news is that we can always reset your password for you.

If you forget the password for your cloudHQ account, here are the steps to reset your password and retrieve your account:

• Go to https://www.cloudHQ.net
• Click on Sign In
• Click Forgot your password?:
  
• Input the email address you use for your cloudHQ account and click “Send Reset Instructions”:<
• Wait for an email from us about how to reset your password.