UX updates on Recovery flows

[denis-sharypin]

Align recovery enter mnemonic with backup seedphrase flow

User Story As a user, I want to have a right perception on what kind of password do I need to provide during the recovery flow that I'm not trying to recall my old password.

(Needed to ETHBerlin)

Description

Type: Feature

Summary: Current recovery flow confuses users, makes them think they need to provide their old password which is not correct. I propose to add separate 2 steps for password creation and confirmation. Also, I renamed (Hester proposed this many times) action on the main screen from I already have an account to Access account.

Expected behavior

Actual behavior

[denis-sharypin]

Possibly could be a good moment to solve this issue https://github.com/status-im/status-react/issues/4856 @obi2020 please take a look

[chadyj]

How about a forgot password flow, or at least info on how to proceed?

[obi2020]

What if the user wants to use their old password? Does it matter; should we advise against or explicitly say that it should be a new password? @chadyj

[rachelhamlin]

@chadyj @obi2020 you don't need password if you have recovery phrase, so do we need a forgot password flow?

On the flip side, if you know your old pw and want to re-use it, I think that's probably okay—but can investigate if some vulnerability is introduced by doing so.

If anything, it's probably just not clear that the password essentially doesn't matter for recovery.

[obi2020]

Here's what I'm working with, as a starting point: https://docs.google.com/presentation/d/1WPpqaCPEjrmTRayZZQWvuhznSSBW3uN48VpaIMmfEq8/edit#slide=id.p

Please provide you thoughts & feedback either here or in the doc. A couple things I'm grappling with

• The two CTAs on the first screen are not symmetrical, but I feel there's a distinct difference between creating a Status account and importing a wallet.

• What's not on the page yet: letting the user know that when they import a wallet they also create a Status contact ID (true?)

Google Slides - create and edit presentations online, for free.

Create a new presentation and edit with others at the same time. Get stuff done with or without an internet connection. Use Slides to edit PowerPoint files. Free from Google.

[obi2020]

[rachelhamlin]

@obi2020 awesome. Just commented with my thoughts. I really like Import wallet as the bottom CTA. Why not use an active verb for New account as well (e.g. Create account)?

[obi2020]

Good point. Create account it is.

Could we talk about what defines an "account" - what is contained within a Status account?

[obi2020]

A related discussion is happening here https://discuss.status.im/t/pfs-and-wallet-recovery/335/5

There's more to do here re: communicating how contacts work for restored accounts

when a user that has just recovered their wallet receive a message from a previous contact, he will not be able to decrypt it (which is the desired behavior otherwise it would break pfs), but he will know that a message has been received.

Status.im

PFS and wallet recovery

{Name generated from public key} sent you a message. Would you like to establish a secure channel with them?” Ignore / Connect @cammellos further simplied version of what you wrote. I removed " information they have is outdated" because it hinting as what might be info that’s non-essential to the user. In fact, could it be used anytime someone is trying to contact you (not just after recovery? From an product/ experience standpoint, is important to indicate that you were connected to the per...

[rachelhamlin]

@obi2020 👍 cool. Just shot Andrea a question on the thread. Sounds to me like you recover your wallet but it more or less generates a new "chat account" each time.

[status-github-bot[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[status-github-bot[bot]]

This issue has been automatically closed. Please re-open if this issue is important to you.

[annadanchenko]

@rachelhamlin @denis-sharypin @hesterbruikman is Recovery flow still a todo?

[hesterbruikman]

Yes, looks like it is, thanks for flagging! Will add this issue to Onboarding on pivotal.

[rachelhamlin]

@hesterbruikman ooh, do we have a pivotal board for that, or is it under core? Edit: Looks like core, I see the story.