Users may mistype email address for verification

[pleasework-sh]

On the auth screen, there is only one field for email address.

After the user submits their vote, they may accidentally mistype their email address and never get the verification email.

So at this point, would they have to resubmit their votes again if they entered the wrong email address?

I propose adding a second field to ask users to type in their email address again and before submission, verifying that the two input fields match.

[arianabuilds]

Entry Summary for HACK SIV @ DEF CON 2024

Thanks again for participating! This submission earned $0.00 from SIV and $11.43 from the Public Vote, for a total of $11.43.

Here's what we noted in our evaluation:

What's interesting about this submission

• Good UX to be mindful of

What takes away from it

• Not really in-scope for this security focused contest. But still appreciated!

Issue to track getting paid: https://github.com/siv-org/hack.siv.org/issues/5

[dsernst]

• One note that this is only for public link_auth elections (like the DEFCON mock election), not elections with a pre-authorized voter roll (like the vast majority of more serious ones).

In terms of UX, the next page after entering the email should already be making it clear that the vote is still pending until the email is confirmed (with both a full-screen model, and then banner at the top once the modal is dismissed), and it also displays the email address that was typed in.

• [ ] Would be nice if it also provided a button or link to change the email address. Useful eg if the user notices they made a typo, or hasn’t received the confirmation, etc.