[keycloak-dev] Usability: Improve screen for setup TOTP

Stian Thorgersen sthorger at redhat.com
Fri Nov 22 04:34:16 EST 2019


+1 "To try another way", but that should only be displayed if the user is
requested to setup two-factor and there are more choices. If a user has
selected to enable OTP through the account console (AIA) it should not be
displayed.

On Thu, 21 Nov 2019 at 15:24, Marek Posolda <mposolda at redhat.com> wrote:

> On 21. 11. 19 12:02, Marek Posolda wrote:
> >
> > I want to ask some feedback about the screen for the "Setup TOTP" .
> > I've created JIRA https://issues.jboss.org/browse/KEYCLOAK-12168 ,
> > which contains some screenshot of how currently the screen for the
> > required action for "Setup OTP" looks like. In other words, this is
> > displayed to the user at the end of the authentication when he has
> > "Setup TOTP" required action on him.
> >
> > Few questions:
> >
> >   * Is the "Device name" appropriate label? Would something like
> >     "Authenticator App Label" be better?
> >
> >   * Should it be more emphasized that "Authenticator App Label" is not
> >     mandatory? IMO it is currently not very clear. Also there is
> >     nothing in the help-text about this input field. Maybe we can add
> >     another sentence to point 3 like "Optionally provide Authenticator
> >     App Label as a reference." I am not very happy with that sentence.
> >     Any better ideas?
> >
> >   * Alternatively we can use separate screen for providing the
> >     "Authenticator App Label" . In other words, there will be just
> >     single input for OTP code and than once user clicks "Submit" and
> >     OTP code is successfully verified, there will be another screen
> >     where he can provide "Authenticator App Label" . It seems Google
> >     is using separate screen for providing labels when user register
> >     Security Key.
> >
> >   * Any better ideas?
> >
> >   * We can possibly improve the old account console in similar manner.
> >     Currently it looks like in screenshot setup-otp-account-mgmt.png .
> >     Maybe we can at least change the label for "Device name" and also
> >     add another sentence to the help text?
> >
> One more point: At the bottom of the page for register TOTP, we possibly
> need the link "Try another way" or something like that. This link will
> be displayed just if user is currently trying to "Register 2nd factor
> credential" because he is required to do so, and he has some more
> alternative credential types to register (EG. WebAuthn).
>
> Marek
>
> > Thanks,
> >
> > Marek
> >
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>


More information about the keycloak-dev mailing list