We've noticed a small amount of errors whereby Sierra rejects a changed/reset password and shows a generic 'something went wrong' error to the user.
This is because Sierra has rules about 'trivial patterns' in password.
Ticket: https://github.com/wellcomecollection/wellcomecollection.org/issues/7816
In this case, 'trivial patterns' are specifically repeated characters e.g. aaaa, ababab, abcabc. If you try to reset/change your password using your library account and you enter a new password with repeated characters and submit the form by clicking 'Update password', you'll get this message:
We want to improve this. We have restrictions on what we can improve as we don't have much control over the appearance of error messaging in the login/reset/change password flow.
What does this PR do?
It updates default error on reset password page - so we guide people to contact library staff if an error occurs. This PR also update text on universal-login that appears conditionally at reset/change flow to include wording on avoiding repeated characters.
Ideally this messaging would be built into the password policy (illustrated in the user experience by the check boxes turning green as your password passes each password policy step ✅ ), but we have reasons for not doing this yet.
On reset/change that updated note should appear like this:
Why?
We've noticed a small amount of errors whereby Sierra rejects a changed/reset password and shows a generic 'something went wrong' error to the user. This is because Sierra has rules about 'trivial patterns' in password. Ticket: https://github.com/wellcomecollection/wellcomecollection.org/issues/7816
In this case, 'trivial patterns' are specifically repeated characters e.g. aaaa, ababab, abcabc. If you try to reset/change your password using your library account and you enter a new password with repeated characters and submit the form by clicking 'Update password', you'll get this message:
We want to improve this. We have restrictions on what we can improve as we don't have much control over the appearance of error messaging in the login/reset/change password flow.
What does this PR do?
It updates default error on reset password page - so we guide people to contact library staff if an error occurs. This PR also update text on universal-login that appears conditionally at reset/change flow to include wording on avoiding repeated characters.
Ideally this messaging would be built into the password policy (illustrated in the user experience by the check boxes turning green as your password passes each password policy step ✅ ), but we have reasons for not doing this yet.
On reset/change that updated note should appear like this: