3:55 a.m.
On 22. 11. 19 10:34, Stian Thorgersen wrote:
+1 "To try another way", but that should only be displayed
if the user
is requested to setup two-factor and there are more choices. If a user
has selected to enable OTP through the account console (AIA) it should
not be displayed.
Yes, exactly. I count with that to only display "Try another way" under
those circumstances.
Marek
On Thu, 21 Nov 2019 at 15:24, Marek Posolda <mposolda(a)redhat.com
<mailto:mposolda@redhat.com>> wrote:
On 21. 11. 19 12:02, Marek Posolda wrote:
>
> I want to ask some feedback about the screen for the "Setup TOTP" .
> I've created JIRA https://issues.jboss.org/browse/KEYCLOAK-12168 ,
> which contains some screenshot of how currently the screen for the
> required action for "Setup OTP" looks like. In other words, this is
> displayed to the user at the end of the authentication when he has
> "Setup TOTP" required action on him.
>
> Few questions:
>
> * Is the "Device name" appropriate label? Would something like
> "Authenticator App Label" be better?
>
> * Should it be more emphasized that "Authenticator App Label"
is not
> mandatory? IMO it is currently not very clear. Also there is
> nothing in the help-text about this input field. Maybe we
can add
> another sentence to point 3 like "Optionally provide
Authenticator
> App Label as a reference." I am not very happy with that
sentence.
> Any better ideas?
>
> * Alternatively we can use separate screen for providing the
> "Authenticator App Label" . In other words, there will be just
> single input for OTP code and than once user clicks "Submit" and
> OTP code is successfully verified, there will be another screen
> where he can provide "Authenticator App Label" . It seems Google
> is using separate screen for providing labels when user register
> Security Key.
>
> * Any better ideas?
>
> * We can possibly improve the old account console in similar
manner.
> Currently it looks like in screenshot
setup-otp-account-mgmt.png .
> Maybe we can at least change the label for "Device name" and
also
> add another sentence to the help text?
>
One more point: At the bottom of the page for register TOTP, we
possibly
need the link "Try another way" or something like that. This link
will
be displayed just if user is currently trying to "Register 2nd factor
credential" because he is required to do so, and he has some more
alternative credential types to register (EG. WebAuthn).
Marek
> Thanks,
>
> Marek
>
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org <mailto:keycloak-dev@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-dev