search

unee-t / frontend

Meteor front end
https://case.dev.unee-t.com/
GNU Affero General Public License v3.0
9 stars 17 forks source link

login page is confusing for user who have been invited to a case (or a unit) #811

Open franck-boullier opened 5 years ago

franck-boullier commented 5 years ago

The problem

See Issue #793 for a real life consequence of this issue.

This is not the first time that this has happened: several of our users are confused by the current login interface.

An invited user does NOT understand that, in order to access Unee-T without a magic link to a specific case, he/she needs to press on the "forgot password" link and follow the reset password procedure.

This happens mostly to users who are invited to a case and are used to click on the "Magic link" included in the email notification they received.

If the user tries to access Unee-T without using a "magic link" (to create a new case for instance), then the user is stuck.

Why this is critical:

This is a critical issue because user are NOT able to use Unee-T as they should because of that.

The current login page creates significant barrier /hurdle that many users are unable to overcome.

The main question we need to answer here is

"As a user, how can I access Unee-T?"

Anecdotal evidence shows us that most invited users have no clue on how to do that with the current login/landing page.

@kiatlim we need to find a way to make it much more obvious.

kiatlim commented 5 years ago

@franck-boullier has this been implemented? This shows up when users who are logging in with the magic link is prompted to set their password.

We will also look at re-doing the login page with a clearer message to reset their password. e.g: "If you've logged in previously but don't have a password, reset it here."

Other products are almost doing it away with the email and password entirely altogether moving towards using just mobile number and 2FA as the login mechanism. e.g. Grab, 99.co, YouTrip. What do you think about us going towards that?

franck-boullier commented 5 years ago

has this been implemented?

This might be a good first step, thanks for the reminder! @nbiton, let me know if you see an issue with this concept. We should move #429 up in the to do list

We will also look at re-doing the login page with a clearer message to reset their password. e.g: "If you've logged in previously but don't have a password, reset it here."

Thanks

using just mobile number and 2FA as the login mechanism. e.g. Grab, 99.co, YouTrip. What do you think about us going towards that?

I think this should be the long term goal yes. See https://github.com/unee-t/frontend/issues/527

ongdominic commented 5 years ago

The proposed solution to this problem is to create a 2 step login process. First, we will get the user to enter their emails. If they have set a password, they would be prompted to enter their password. If they have not set a password, the reset password email would be sent to their emails.

https://www.figma.com/file/SgLcXdmBih1JxVq1lupMiPtr/Unee-T-Designs?node-id=2996%3A6233

franck-boullier commented 5 years ago

First, we will get the user to enter their emails. If they have set a password, they would be prompted to enter their password. If they have not set a password, the reset password email would be sent to their emails.

That works for me 👍

kaihendry commented 5 years ago

Two step login process usually breaks browsers ability to autologin a user. https://github.com/unee-t/frontend/issues/830#issuecomment-517095150

Perhaps browsers are smart enough nowadays, but that's been my experience.