Open pddocs opened 1 week ago
My two cents here:
The product team will discuss the User Experience process to correctly reflect what should be the right wording, what system should be used to explain the process (the forgot password text could include "unblock user", or the email could mention to follow the forgot password process, etc.
Currently, when any user successively enters wrong user credentials (username, user password, or wrong 2fa code), the account gets locked as expected. However, they face some roadblocks:
On the login page, they only see this error log in page (see image below). They find out they are locked out currently only when they access their inbox and see the Uwazi email notification.
On clicking the link in the email, the user comes back to the login page (see screencast below). If the expectation is to click on Forgot Password, how can it be communicated clearly to the user?
https://github.com/user-attachments/assets/bf7240ed-f883-4e38-b208-289218687335
@roirobo