Password reset messages are misleading

Background

CWD-3484 underlined a misleading wording that was displayed as password reset message. While it apparently has been fixed for Crowd, it is still an issue in Confluence:

The message that is displayed can be very misleading as it always informs users that an email was sent even though this is not always true. If there are no plans to make the message conditional, it would certainly make sense to at least change the wording of the generic message. Perhaps something like the following would be more appropriate:
"Thank you. If we find an account matching the username you have entered you will receive an email with further instructions and a reset password link. The link will lead to a page where you can choose your new password."

Steps to reproduce

1. Go to the login page and click on Forgot your password?
2. Type in any string as username which is either existing or not
3. The following misleading message is displayed:
   
   
   

As pointed out in CWD-2457, not revealing whether or not the user exists in the DB is a cautious design decision, which is fine.

Suggestion

However, in line with CWD-3484, a more generic wording should be used in Confluence as well:

Thanks! If we recognize that email address, you should receive a link to reset your password via email soon. If you don't receive an email in the next five minutes, check your spam folder or try again with a different email address.

Our additional suggestion:

Please also make sure to not include a leading or trailing whitespace (e.g. by copying and pasting your username.