these items were originally part of #4402
When logging in with an expired password, the user will be asked to reset a password and enter an OTP. Although OTP means one-time password, some users could be confusing it with the OTP he/she just entered in the previous page. It would be nicer to say "New OTP" or add an explanation "Wait for a new OTP" to make sure the user enters a new OTP.
Ideally the password reset page/dialog should indicate whether the old password and the OTP are required based on the actual authentication type available to the user.
The Sync OTP page should explain that for the second OTP the user should generate or wait for a new one.
The link to Sync OTP Token is not very visible and probably rarely used, so probably it can be moved together with the other messages ("To login with...") and be given a longer description.
In the password reset page the "Reset Password and Login" button is not quite accurate for OTP case since the user will not be logged in automatically.
Some notes:
master:
ipa-4-1:
left open because of:
"2. Try logging in with an incorrect password/OTP. After you get a login error click Sync OTP Token. Once the sync is completed it will go back to the login page with a "Token was synchronized" message that disappears in a few seconds, but the old login error still appears which is confusing. Error messages in the UI should only reflect the last executed operation. "
Metadata Update from @pvoborni: - Issue assigned to pvoborni - Issue set to the milestone: FreeIPA 4.1
Login to comment on this ticket.