Page MenuHomePhabricator

Password not strong enough dialog confusing
Closed, ResolvedPublic

Description

Presumably this is from auth manager.

The password is too weak dialog displays the following:

Your password is not valid: Passwords must be at least 8 characters.

Please choose a new password now, or click "Cancel" to reset it later.

But the choices are:

  • Skip
  • Continue Login

It is very unclear which one actually changes your password. Also there is no "confirm" input box to double type password.

If you want to not change your password, I would assume you have to press skip, but then i get an error about not entering your password. Its very unclear you have to re-enter your password at this point if you don't want to change it.

Related Objects

View Standalone Graph
This task is connected to more than 200 other tasks. Only direct parents and subtasks are shown here. Use View Standalone Graph to show more of the graph.

Event Timeline

Bawolff created this task.Jun 2 2016, 11:01 PM
Restricted Application added subscribers: Zppix, Aklapper. · View Herald TranscriptJun 2 2016, 11:01 PM
Anomie added a comment.EditedJun 3 2016, 3:33 PM

The lack of a retype box was broken by rMWdb521e557482: AuthManager: Ensure neededRequests have action and username set properly. That's not too hard to fix.

The "Skip" button can be changed easily enough, although I don't think "Cancel" would be very clear. @Tgr would have a better idea about the "Continue Login" button, if we need to make it able to be overridden for this screen instead of using the generic message.

Change 292575 had a related patch set uploaded (by Anomie):
Don't override action in UI and REDIRECT responses

https://gerrit.wikimedia.org/r/292575

Anomie added a subscriber: Tgr.Jun 3 2016, 3:43 PM

Change 292575 merged by jenkins-bot:
Don't override action in UI and REDIRECT responses

https://gerrit.wikimedia.org/r/292575

Change 292932 had a related patch set uploaded (by Gergő Tisza):
Don't override action in UI and REDIRECT responses

https://gerrit.wikimedia.org/r/292932

Change 292932 merged by jenkins-bot:
Don't override action in UI and REDIRECT responses

https://gerrit.wikimedia.org/r/292932

Change 292934 had a related patch set uploaded (by Gergő Tisza):
Password change request should be optional on soft reset

https://gerrit.wikimedia.org/r/292934

Change 293094 had a related patch set uploaded (by Gergő Tisza):
Change invalid password reset form language

https://gerrit.wikimedia.org/r/293094

Change 293231 had a related patch set uploaded (by Gergő Tisza):
Change invalid password reset form language

https://gerrit.wikimedia.org/r/293231

Change 293094 merged by jenkins-bot:
Change invalid password reset form language

https://gerrit.wikimedia.org/r/293094

Change 293231 merged by jenkins-bot:
Change invalid password reset form language

https://gerrit.wikimedia.org/r/293231

Change 293536 had a related patch set uploaded (by Gergő Tisza):
Add default properties for the password reset form skip button

https://gerrit.wikimedia.org/r/293536

Tgr added a comment.Jun 9 2016, 5:53 PM

I wonder if just removing the skip button and allowing the user to submit an empty form to skip would be clearer.

@Anomie, re your IRC question: in HTML5, the default submit button is the one that's first in document order. I've read that historically the behavior varied from browser to browser, but only in ways that are not relevant for a typical form layout (some used first in tab order; some used first in DOM order after the currently focused element).

If you want to keep the skip button on top but make it non-default, you need to do visual hacks (e.g. opposite relative positioning for the two buttons). IMO it's not worth the complexity.

The button label can be changed if needed. Not sure if that would be less confusing though.

Change 293536 merged by jenkins-bot:
Add default properties for the password reset form skip button

https://gerrit.wikimedia.org/r/293536

Change 293542 had a related patch set uploaded (by Gergő Tisza):
Add default properties for the password reset form skip button

https://gerrit.wikimedia.org/r/293542

Change 293542 merged by jenkins-bot:
Add default properties for the password reset form skip button

https://gerrit.wikimedia.org/r/293542

Tgr added a comment.Jun 9 2016, 10:26 PM

Should we consider this fixed?

Change 293636 had a related patch set uploaded (by Gergő Tisza):
Add default properties for the password reset form skip button

https://gerrit.wikimedia.org/r/293636

Change 293636 merged by jenkins-bot:
Add default properties for the password reset form skip button

https://gerrit.wikimedia.org/r/293636

Change 293773 had a related patch set uploaded (by Gergő Tisza):
Change invalid password reset form language

https://gerrit.wikimedia.org/r/293773

Change 293773 merged by jenkins-bot:
Change invalid password reset form language

https://gerrit.wikimedia.org/r/293773

Tgr closed this task as Resolved.Jun 14 2016, 8:55 PM
Tgr claimed this task.

Don't see anything else to be done here.