When the user forgets her account password it's game over right now. We do warn her during sign up, but I'm expecting quite a lot of support emails from users who have exactly this problem in the future.
To prevent that, Andrei mentioned the possibility to provide PW BackUp Codes to the user, so that they can set the password back themselves, once they've lost them. If it's technically feasible, we need to provide those lists.
Furthermore and we need to inform the user that those lists exist and nudge them to actually save them. I'd recommend to do this during SignUp, because after that the user might forget about this.
Here are some UX-options how we could do this:
Option 1:
We do educate the user about the Password problem in the PW warning screen. We tell them that they can go to Settings/Security to download a new PW BackUp list anytime.
Also we provide them with a link to download the BackUp Code List (text file) after she set the PW.
Option 2:
We do educate the user about the Password problem in the PW warning screen and only make her continue after she downloaded the PW BackUp list.
--> low risk of PW loss, but high friction during user-onboarding.
Option 3:
We do educate the user about the Password problem in the PW warning screen, but do NOT provide them with a link to download the BackUp Code List after PW has been set.
Instead we send the BackUp List as an attachment in one of the first Onboarding Emails.
--> Is this technically possible? @andreis
Option 4:
We do educate the user about the Password problem in the PW warning screen and tell them to download a PW BackUp in Settings/Security.
We do NOT provide them with a link to download the BackUp Code List after PW has been set.
--> higher risk of PW loss, but also less friction during user-onboarding
When the user forgets her account password it's game over right now. We do warn her during sign up, but I'm expecting quite a lot of support emails from users who have exactly this problem in the future.
To prevent that, Andrei mentioned the possibility to provide PW BackUp Codes to the user, so that they can set the password back themselves, once they've lost them. If it's technically feasible, we need to provide those lists. Furthermore and we need to inform the user that those lists exist and nudge them to actually save them. I'd recommend to do this during SignUp, because after that the user might forget about this.
Here are some UX-options how we could do this:
Option 1: We do educate the user about the Password problem in the PW warning screen. We tell them that they can go to Settings/Security to download a new PW BackUp list anytime. Also we provide them with a link to download the BackUp Code List (text file) after she set the PW.
Option 2: We do educate the user about the Password problem in the PW warning screen and only make her continue after she downloaded the PW BackUp list. --> low risk of PW loss, but high friction during user-onboarding.
Option 3: We do educate the user about the Password problem in the PW warning screen, but do NOT provide them with a link to download the BackUp Code List after PW has been set. Instead we send the BackUp List as an attachment in one of the first Onboarding Emails. --> Is this technically possible? @andreis
Option 4: We do educate the user about the Password problem in the PW warning screen and tell them to download a PW BackUp in Settings/Security. We do NOT provide them with a link to download the BackUp Code List after PW has been set. --> higher risk of PW loss, but also less friction during user-onboarding
What do you guys think about this?
I'd like to see the outcome of this as part of the general SignUp redesign https://github.com/lavab/web/issues/730