  1. Blesta Core
  2. CORE-5259

Add password field below One-Time Password when enabling 2FA on a client profile

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 5.10.0
    • Fix Version/s: 5.12.0-b1
    • Component/s: Client Interface
    • Labels:
      None

      Description

      In the client area, clients can enable 2FA, but when they scan the QR code and enter the One-Time Password token, they also have to enter their account password. The field is above the section, so it's not user-friendly, and most fail to do this the first time.

      2 changes:

      1. Rename "One-Time Password" to "One Time Password (As shown in your Authenticator)"
      2. Directly below this field, add a new field for "Current Password (Required to enable 2FA)"

      Then, instead of having to enter their current password above, they can enter it here instead. It might make sense to allow them to enter it in either location, but most will understand if it's here.

        Activity

        admin Paul Phillips created issue -
        admin Paul Phillips made changes -
        Field Original Value New Value
        Security Private [ 10000 ]

          People

          • Assignee:
            Unassigned
            Reporter:
            admin Paul Phillips
          • Votes:
            0
            Watchers:
            1
