#5628 webui: Unclear(UX) purpose of OTP field in password reset form on login
Opened 3 years ago by pvoborni. Modified 2 years ago

scenario
1. As an admin I create a user and a password for that user
2. User tries to log into the UI he is presented with the UI form that has:

  • user name
  • current password
  • OTP (optional)
  • New password first prompt
  • New password second prompt

It is unclear what you need to do with OTP prompt. I suggest instead of "optional" say something like "leave blank if you are not using OTP token for authentication"

Note: similar issue is most likely also in:

  • password change dialog(top bar/<user loging="">/change password)
  • ipa/ui/reset_password.html page

Metadata Update from @pvoborni:
- Issue assigned to someone
- Issue set to the milestone: FreeIPA 4.5 backlog

2 years ago

Metadata Update from @pvomacka:
- Issue close_status updated to: None
- Issue tagged with: webui

2 years ago

I also suggest moving the OTP field to be the last field, after new password 1 and 2.

After observing a number of users, I've realized that having OTP before the new password often leads to an OTP that times out by the time the user has typed in his new password. Putting the OTP field last would fix that.

Login to comment on this ticket.

Metadata