----- Original Message -----
From: "Gabriel Cardoso" <gcardoso(a)redhat.com>
To: "Stian Thorgersen" <stian(a)redhat.com>
Cc: "Bill Burke" <bburke(a)redhat.com>, keycloak-dev(a)lists.jboss.org
Sent: Tuesday, 20 May, 2014 4:33:37 PM
Subject: Re: [keycloak-dev] Issues with the first login flow
> From the technical point of view I don't like the idea of adding a special
> case that lets you set the admin password. Not just because of the
> additional work, but also as it adds a possible security hole. There are
> also situations where someone may set a more secure admin password on an
> initial installation prior to handing over to an admin, in which case
> there will be a password set, but the admin will be required to set the
> password. What we have covers both those use cases, as well as the use
> cases for when a password is required to be changed (suspected attack,
> expired password, etc).
>
> On the other side, with regards to usability, I believe any user or admin
> of Keycloak is likely to experience the "update password" page, and may
> do so several times while using Keycloak. This page will be displayed after
> the user has logged in with username/password (and optionally totp). I
> agree that this can be confusing, especially as it has the exact same
> layout as the login screen and only text changes. If we can find a
> solution to making this page more obvious to users that would also
> sufficiently solve the first login case in my opinion.
Ok, we can keep the current flow :)
> By the way the last attachment doesn't work as the screen should be
> displayed after the user has logged in, and hence not require the user to
> enter a username.
So, when the user is asked to update his password, is he already logged in?
It doesn't feel like that at all. The feeling is that you need to update the
password to log in. To update the password is mandatory at that point, isn’t
it? I mean, without doing so, the user cannot “explore” the console, right?
He's not logged in; those are actions that the user is required to do prior to being
logged in. The user will however have to identify himself with username/password (and TOTP
if configured) prior to being permitted to do those actions. The actions a user can be
asked to do as part of a login are not just limited to updating the password. These can
include:
* Configure TOTP
* Update password
* Verify email
* Update profile
And, possibly more to come in the future.
Regarding my screen, if the matter is the text “To have access to the
console…”, we can easily change it. Maybe it is hard to recognise that, but
the “username” field is already filled in with admin, which is a disabled
field. So the autofocus would be in “New password” and the user wouldn’t
need to enter the username.
Despite your specific points, don’t you think a screen like that would
improve what we have? I included the text above and the field “username” for
this screen to be visibly different from the login screen.
Text above we already have in a notification thing, but I don't have a problem with
moving that above the form. The username input field doesn't make sense at all, as the
user is not able to change that at this stage.
Gabriel
---
Gabriel Cardoso
User Experience Designer @ Red Hat
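The ordering described in the thread (identify with username/password and TOTP if configured, then complete the pending required actions, and only then hold a session) as a small added model; this is not Keycloak code, and the class and action names are assumptions:

```python
from dataclasses import dataclass, field
from enum import Enum

# Assumed names, not Keycloak's: a toy model of the flow discussed above.
class RequiredAction(Enum):
    CONFIGURE_TOTP = "configure_totp"
    UPDATE_PASSWORD = "update_password"
    VERIFY_EMAIL = "verify_email"
    UPDATE_PROFILE = "update_profile"

@dataclass
class User:
    username: str
    password: str          # constructed sample; plaintext only for the demo
    totp_code: str = ""    # empty string means TOTP is not configured
    required_actions: set = field(default_factory=set)

@dataclass
class LoginFlow:
    user: User
    authenticated: bool = False   # identity verified, but not yet logged in
    logged_in: bool = False       # session granted

    def authenticate(self, username, password, totp=None):
        # Step 1: identify the user; fails closed on any mismatch.
        ok = username == self.user.username and password == self.user.password
        if self.user.totp_code:
            ok = ok and totp == self.user.totp_code
        self.authenticated = ok
        self._finish_if_done()
        return self.authenticated

    def complete_action(self, action, **data):
        # Step 2: one required action; refused until the user has identified.
        if not self.authenticated:
            raise PermissionError("identify with username/password first")
        if action not in self.user.required_actions:
            raise ValueError(f"{action.name} is not pending for this user")
        if action is RequiredAction.UPDATE_PASSWORD:
            self.user.password = data["new_password"]
        self.user.required_actions.discard(action)
        self._finish_if_done()
        return self.logged_in

    def _finish_if_done(self):
        # A session exists only once nothing remains to be done.
        self.logged_in = self.authenticated and not self.user.required_actions
```

Until `logged_in` becomes true the user can do nothing else in the console, which is why the "update password" page looks like part of the login rather than a page reached after it.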