#5628 webui: Unclear(UX) purpose of OTP field in password reset form on login
Closed: fixed 2 months ago by frenaud. Opened 4 years ago by pvoborni.

scenario
1. As an admin I create a user and a password for that user
2. User tries to log into the UI he is presented with the UI form that has:

  • user name
  • current password
  • OTP (optional)
  • New password first prompt
  • New password second prompt

It is unclear what you need to do with OTP prompt. I suggest instead of "optional" say something like "leave blank if you are not using OTP token for authentication"

Note: similar issue is most likely also in:

  • password change dialog(top bar/<user loging="">/change password)
  • ipa/ui/reset_password.html page

Metadata Update from @pvoborni:
- Issue assigned to someone
- Issue set to the milestone: FreeIPA 4.5 backlog

3 years ago

Metadata Update from @pvomacka:
- Issue close_status updated to: None
- Issue tagged with: webui

3 years ago

I also suggest moving the OTP field to be the last field, after new password 1 and 2.

After observing a number of users, I've realized that having OTP before the new password often leads to an OTP that times out by the time the user has typed in his new password. Putting the OTP field last would fix that.

master:

  • 13b1778 WebUI: move OTP to be the last field in the PW reset form
  • d63a91d WebUI: reword OTP info message displayed during PW reset
  • ea5c0a1 Unify spelling of "One-Time Password"

Metadata Update from @frenaud:
- Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/4799 (was: 0)
- Issue assigned to carbenium (was: someone)
- Issue set to the milestone: None (was: FreeIPA 4.5 backlog)

2 months ago

ipa-4-8:

  • 2c3bf18 WebUI: move OTP to be the last field in the PW reset form
  • 82475aa WebUI: reword OTP info message displayed during PW reset
  • 0320de7 Unify spelling of "One-Time Password"

Metadata Update from @frenaud:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

2 months ago

master:

  • dc11b98 Unify spelling of "One-Time Password" (take 2)

ipa-4-8:

  • 8c7f54d Unify spelling of "One-Time Password" (take 2)

Login to comment on this ticket.

Metadata