Page MenuHomePhabricator
Create Task
Maniphest T136894

Password not strong enough dialog confusing
Closed, ResolvedPublic
Actions

Description

Presumably this is from auth manager.

The password is too weak dialog displays the following:

Your password is not valid: Passwords must be at least 8 characters.

Please choose a new password now, or click "Cancel" to reset it later.

But the choices are:

  • Skip
  • Continue Login

It is very unclear which one actually changes your password. Also there is no "confirm" input box to double type password.

If you want to not change your password, I would assume you have to press skip, but then i get an error about not entering your password. Its very unclear you have to re-enter your password at this point if you don't want to change it.

Details

SubjectRepoBranchLines +/-
Change invalid password reset form languagemediawiki/coreREL1_27+2 -2
Change invalid password reset form languagemediawiki/coremaster+2 -2
Add default properties for the password reset form skip buttonmediawiki/corewmf/1.28.0-wmf.5+5 -0
Add default properties for the password reset form skip buttonmediawiki/coremaster+5 -0
Add default properties for the password reset form skip buttonmediawiki/coreREL1_27+5 -0
Change invalid password reset form languagemediawiki/corewmf/1.28.0-wmf.5+2 -2
Don't override action in UI and REDIRECT responsesmediawiki/coreREL1_27+9 -8
Don't override action in UI and REDIRECT responsesmediawiki/coremaster+9 -8
Customize query in gerrit

Related Objects
Search...

View Standalone Graph
This task is connected to more than 200 other tasks. Only direct parents and subtasks are shown here. Use View Standalone Graph to show more of the graph.
StatusSubtypeAssignedTask
· · ·
InvalidNoneT40638 [DO NOT USE] Interface messages needing rewording or documentation and other issues with existing messages [superseded by #Voice_&_Tone]
ResolvedTgrT136894 Password not strong enough dialog confusing
· · ·

Event Timeline

Bawolff created this task.Jun 2 2016, 11:01 PM
Restricted Application added subscribers: Zppix, Aklapper. · View Herald TranscriptJun 2 2016, 11:01 PM
Aklapper added a parent task: T40638: [DO NOT USE] Interface messages needing rewording or documentation and other issues with existing messages [superseded by #Voice_&_Tone].Jun 3 2016, 10:40 AM
Anomie added a comment.EditedJun 3 2016, 3:33 PM

The lack of a retype box was broken by rMWdb521e557482: AuthManager: Ensure neededRequests have action and username set properly. That's not too hard to fix.

The "Skip" button can be changed easily enough, although I don't think "Cancel" would be very clear. @Tgr would have a better idea about the "Continue Login" button, if we need to make it able to be overridden for this screen instead of using the generic message.

gerritbot subscribed.Jun 3 2016, 3:40 PM

Change 292575 had a related patch set uploaded (by Anomie):
Don't override action in UI and REDIRECT responses

https://gerrit.wikimedia.org/r/292575

gerritbot added a project: Patch-For-Review.Jun 3 2016, 3:40 PM
Anomie added a subscriber: Tgr.Jun 3 2016, 3:43 PM
gerritbot added a comment.Jun 6 2016, 2:25 PM

Change 292575 merged by jenkins-bot:
Don't override action in UI and REDIRECT responses

https://gerrit.wikimedia.org/r/292575

gerritbot added a comment.Jun 6 2016, 2:40 PM

Change 292932 had a related patch set uploaded (by Gergő Tisza):
Don't override action in UI and REDIRECT responses

https://gerrit.wikimedia.org/r/292932

gerritbot added a comment.Jun 6 2016, 2:50 PM

Change 292932 merged by jenkins-bot:
Don't override action in UI and REDIRECT responses

https://gerrit.wikimedia.org/r/292932

Anomie removed a project: Patch-For-Review.Jun 6 2016, 2:57 PM
gerritbot added a comment.Jun 6 2016, 3:09 PM

Change 292934 had a related patch set uploaded (by Gergő Tisza):
Password change request should be optional on soft reset

https://gerrit.wikimedia.org/r/292934

gerritbot added a project: Patch-For-Review.Jun 6 2016, 3:09 PM
gerritbot added a comment.Jun 7 2016, 11:29 AM

Change 293094 had a related patch set uploaded (by Gergő Tisza):
Change invalid password reset form language

https://gerrit.wikimedia.org/r/293094

gerritbot added a comment.Jun 7 2016, 10:26 PM

Change 293231 had a related patch set uploaded (by Gergő Tisza):
Change invalid password reset form language

https://gerrit.wikimedia.org/r/293231

gerritbot added a comment.Jun 7 2016, 10:28 PM

Change 293094 merged by jenkins-bot:
Change invalid password reset form language

https://gerrit.wikimedia.org/r/293094

gerritbot added a comment.Jun 7 2016, 10:38 PM

Change 293231 merged by jenkins-bot:
Change invalid password reset form language

https://gerrit.wikimedia.org/r/293231

ReleaseTaggerBot added projects: MW-1.27-release-notes, MW-1.28-release-notes, MW-1.28-release (WMF-deploy-2016-06-14_(1.28.0-wmf.6)).Jun 8 2016, 4:00 PM
ReleaseTaggerBot added a project: MW-1.28-release (WMF-deploy-2016-06-07_(1.28.0-wmf.5)).Jun 8 2016, 5:00 PM
gerritbot added a comment.Jun 9 2016, 5:48 PM

Change 293536 had a related patch set uploaded (by Gergő Tisza):
Add default properties for the password reset form skip button

https://gerrit.wikimedia.org/r/293536

Tgr added a comment.Jun 9 2016, 5:53 PM

I wonder if just removing the skip button and allowing the user to submit an empty form to skip would be clearer.

@Anomie, re your IRC question: in HTML5, the default submit button is the one that's first in document order. I've read that historically the behavior varied from browser to browser, but only in ways that are not relevant for a typical form layout (some used first in tab order; some used first in DOM order after the currently focused element).

If you want to keep the skip button on top but make it non-default, you need to do visual hacks (e.g. opposite relative positioning for the two buttons). IMO it's not worth the complexity.

The button label can be changed if needed. Not sure if that would be less confusing though.

gerritbot added a comment.Jun 9 2016, 6:02 PM

Change 293536 merged by jenkins-bot:
Add default properties for the password reset form skip button

https://gerrit.wikimedia.org/r/293536

gerritbot added a comment.Jun 9 2016, 6:28 PM

Change 293542 had a related patch set uploaded (by Gergő Tisza):
Add default properties for the password reset form skip button

https://gerrit.wikimedia.org/r/293542

gerritbot added a comment.Jun 9 2016, 6:52 PM

Change 293542 merged by jenkins-bot:
Add default properties for the password reset form skip button

https://gerrit.wikimedia.org/r/293542

Tgr added a comment.Jun 9 2016, 10:26 PM

Should we consider this fixed?

gerritbot added a comment.Jun 9 2016, 10:50 PM

Change 293636 had a related patch set uploaded (by Gergő Tisza):
Add default properties for the password reset form skip button

https://gerrit.wikimedia.org/r/293636

gerritbot added a comment.Jun 9 2016, 10:58 PM

Change 293636 merged by jenkins-bot:
Add default properties for the password reset form skip button

https://gerrit.wikimedia.org/r/293636

gerritbot added a comment.Jun 10 2016, 6:03 PM

Change 293773 had a related patch set uploaded (by Gergő Tisza):
Change invalid password reset form language

https://gerrit.wikimedia.org/r/293773

gerritbot added a comment.Jun 10 2016, 6:15 PM

Change 293773 merged by jenkins-bot:
Change invalid password reset form language

https://gerrit.wikimedia.org/r/293773

Tgr closed this task as Resolved.Jun 14 2016, 8:55 PM
Tgr claimed this task.

Don't see anything else to be done here.

Aklapper removed a subscriber: Anomie.Oct 16 2020, 5:39 PM
Aklapper edited projects, added Voice & Tone; removed MW-1.28-release (WMF-deploy-2016-06-07_(1.28.0-wmf.5)).May 24 2021, 9:36 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL