[keycloak-dev] Usability: Improve screen for setup TOTP

Marek Posolda mposolda at redhat.com
Fri Nov 22 04:55:53 EST 2019 

On 22. 11. 19 10:34, Stian Thorgersen wrote:
> +1 "To try another way", but that should only be displayed if the user 
> is requested to setup two-factor and there are more choices. If a user 
> has selected to enable OTP through the account console (AIA) it should 
> not be displayed.

Yes, exactly. I count with that to only display "Try another way" under 
those circumstances.

Marek

>
> On Thu, 21 Nov 2019 at 15:24, Marek Posolda <mposolda at redhat.com 
> <mailto:mposolda at redhat.com>> wrote:
>
>     On 21. 11. 19 12:02, Marek Posolda wrote:
>     >
>     > I want to ask some feedback about the screen for the "Setup TOTP" .
>     > I've created JIRA https://issues.jboss.org/browse/KEYCLOAK-12168 ,
>     > which contains some screenshot of how currently the screen for the
>     > required action for "Setup OTP" looks like. In other words, this is
>     > displayed to the user at the end of the authentication when he has
>     > "Setup TOTP" required action on him.
>     >
>     > Few questions:
>     >
>     >   * Is the "Device name" appropriate label? Would something like
>     >     "Authenticator App Label" be better?
>     >
>     >   * Should it be more emphasized that "Authenticator App Label"
>     is not
>     >     mandatory? IMO it is currently not very clear. Also there is
>     >     nothing in the help-text about this input field. Maybe we
>     can add
>     >     another sentence to point 3 like "Optionally provide
>     Authenticator
>     >     App Label as a reference." I am not very happy with that
>     sentence.
>     >     Any better ideas?
>     >
>     >   * Alternatively we can use separate screen for providing the
>     >     "Authenticator App Label" . In other words, there will be just
>     >     single input for OTP code and than once user clicks "Submit" and
>     >     OTP code is successfully verified, there will be another screen
>     >     where he can provide "Authenticator App Label" . It seems Google
>     >     is using separate screen for providing labels when user register
>     >     Security Key.
>     >
>     >   * Any better ideas?
>     >
>     >   * We can possibly improve the old account console in similar
>     manner.
>     >     Currently it looks like in screenshot
>     setup-otp-account-mgmt.png .
>     >     Maybe we can at least change the label for "Device name" and
>     also
>     >     add another sentence to the help text?
>     >
>     One more point: At the bottom of the page for register TOTP, we
>     possibly
>     need the link "Try another way" or something like that. This link
>     will
>     be displayed just if user is currently trying to "Register 2nd factor
>     credential" because he is required to do so, and he has some more
>     alternative credential types to register (EG. WebAuthn).
>
>     Marek
>
>     > Thanks,
>     >
>     > Marek
>     >
>
>     _______________________________________________
>     keycloak-dev mailing list
>     keycloak-dev at lists.jboss.org <mailto:keycloak-dev at lists.jboss.org>
>     https://lists.jboss.org/mailman/listinfo/keycloak-dev
>

More information about the keycloak-dev mailing list