Stratosphere send emails in a wide variety of scenarios. Below you can find information on what these emails are for, what they contain, who might receive them, and when.
Email Troubleshooting Steps
If you are expecting to receive an email from Stratosphere, but it is not showing up in your inbox, please perform the following troubleshooting steps.
1. Verify the inbox you are checking matches your email in Stratosphere
2. Check any email filters or junk folders your inbox may have. If you find any Stratosphere emails are getting misdirected or blocked, set your filter to allow all stratosphere.app emails in the future.
3. Read the description of the missing email below to ensure that the email you are expecting was appropriately triggered.
4. Contact Terso support.
Welcome to Stratosphere Email
Triggered by: A user being granted the Website Access Role.
Sent to: The email address of the user who was just granted website access.
This email contains a short welcome message informing the recipient that they were just added to Stratosphere. It lists the user who added them, the organization name they were added to, and contains a link for the user to set their password. For security reasons, this password link expires after 30 days. If the user does not follow this link to set their password within 30 days, they may either:
- Request that the user who added them resend the invite
- Go to the Stratosphere login page and follow the Forgot Password workflow
Forgot Password Email
Triggered by: Entering an email address on the Forgot Password page.
Sent to: The specified email address, if, and only if, the email address belongs to a Stratosphere user who has already been granted the Website Access role. If the email address entered on the forgot password screen does not belong to a Stratosphere user with website access, no forgot password email will be generated.
This email contains a short message remind the recipient that their email was entered on the forgot password screen. If the recipient did not enter their email, or they have since remembered they password, this email can be ignored. If they do want to reset their password, they may follow the included "Set Password" link. For security reasons, this link will expire in 1 hour. If the link has expired, the user may return to the Forgot Password screen and re-enter their email to generate a new email with a fresh link.
Access Revoked Email
Triggered by: A user having their website access role removed or being deactivated.
Sent to: The user who has lost access to Stratosphere
This email contains a short message informing the user that they no longer have permission to log in to Stratosphere. It lists the user who removed them, and the organization name they were removed from, so that if they believe this was in error, they can reach out to the administration to regain access, or have the revocation explained.
Reset Password Email
Triggered by: An administrator force resetting a user's current password, most likely because they believed the password was compromised.
Sent to: The user whose password has been reset.
This email informs the user that an administrator has reset their password, and they will need to set a new password before logging in to Stratosphere by following the included "Set Password" link.
For security reasons, this password link expires after 30 days. If the user does not follow this link to set their password within the 30-day limit, they may go to the Stratosphere login page and follow the Forgot Password workflow.
Failed Login Attempt/Account Lockout Email
Triggered by: A valid email address was entered with an invalid password 5 times in a rolling 10-minute window, triggering a 10-minute lockout of the account.
Sent to: All Stratosphere users with the user management role.
This email informs the users who are responsible for managing other users that a suspicious attempt was made to log in to Stratosphere. It includes the email address that was used, and the time the lockout occurred, as well as potential actions to take in response. These potential actions include resetting the user's password, or deactivating the user. The appropriate action will depend on whether it was the actual user just forgetting their password or if a malicious user was trying to brute force their way into the account.