Closed Bug 1152963 Opened 9 years ago Closed 9 years ago

[Sync] Managed account > change password: don't ask double password before change the old password

Categories

(Cloud Services :: Server: Firefox Accounts, defect)

x86_64
Linux
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 995993

People

(Reporter: kensan, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0
Build ID: 20150401154227

Steps to reproduce:

1) Have a working Firefox Sync account
2) Preferences > Sync > Manage Account > Change password...
3) Enter the same password but shorter:
example: old password: password123
4) Enter password1
5) Press Return


Actual results:

The new password is accepted


Expected results:

The new password should not be accepted; only two identical passwords must be accepted.

If you re-enter "password1", the program shows you "the password must not be identical to the old password".

Sync on Firefox 31.6.0
Component: Untriaged → Firefox Sync: Crypto
Product: Firefox → Mozilla Services
Version: 31 Branch → unspecified
Component: Firefox Sync: Crypto → Server: Firefox Accounts
:sandro - thanks for the bug report. Could you further explain the problem? Do you see this with "change password", or "reset password?"

My test cases, using the original password "password123".

Test1 - change password - old & new password are "password123"
Result: Error - "Your new password must be different"

Test2 - change password - old password "password123", new password "password1"
Result: Success - "Password changed successfully"

Test3 - change password - old password "password1", new password "password1"
Result: Error - "Incorrect password"

Test4 - change password - old password "password1", new password "password123"
Result: Error - "Incorrect password"

Test5 - reset password - password "password123", verify password "password123"
Result: Success - "Account verified successfully"

Test6 - reset password - password "password123", verify password "password1"
Result: Error - "Passwords do not match"

Those are all as expected.
Flags: needinfo?(kensan)
Hello Shane, thanks for your attention.

This is what surprised me:

password is: password123
enter new password: password1
http://www.kensan.it/tmp/change_pwd_1.png
press: Return
(expected: passwords don't match)
(result: like in picture 2)
http://www.kensan.it/tmp/change_pwd_2.png
The change pwd window disappears.
Reopen change password...
reenter new password: password1
(expected: pwd can't match current password)
(result like expected, see pic 3)
http://www.kensan.it/tmp/change_pwd_3.png
The change your password window disappears; reopen change pwd,
reenter old password: password123
confirm pwd: password123
(expected: change password button is not shadowed)
(result like expected, see pic 4)
http://www.kensan.it/tmp/change_pwd_4.png
change successful.

***

So I have changed my old password without entering my new password two times. It is not what I expected.
Flags: needinfo?(kensan)
Thanks for the quick response Sandro. The decision to use only two password fields instead of three has been brought up by several folks. 

The important discussion takes place in https://github.com/mozilla/fxa-content-server/issues/1150 and https://bugzilla.mozilla.org/show_bug.cgi?id=995993.

The summary version is - a single password field, although not common, is intended. The "show/hide" button is meant to help users verify their password is correct before hitting submit.

I realize this explanation does little to address your concern. We have had several people give us similar feedback. Ryan Feeley (our UX designer) and I are planning to test several variants of the passwords UX over the next couple of months. We want to ensure our users have the best possible experience.

I'm closing this as a dup of #995993. 

That bug was closed as WONTFIX because the single password field is intended.
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → DUPLICATE
(In reply to Shane Tomlinson [:stomlinson] from comment #3)
> Thanks for the quick response Sandro.
Thanks to you.

> The decision to use only two password
> fields instead of three has been brought up by several folks.
I understand. There is only one field for the pwd, the second field is optional.

> The summary version is - a single password field, although not common, is
> intended. The "show/hide" button is meant to help users verify their
> password is correct before hitting submit.

It is not common to have only one field, and showing the second field causes confusion. I pressed the Return key accidentally, so I have changed my old pwd to an unknown new pwd. I add that the new pwd is not shown, as you can see in pic 2
http://www.kensan.it/tmp/change_pwd_2.png
So if you press the Return key accidentally, you might have to create a new account, or search the Internet for the procedure to retrieve the password or to change the password to a known pwd.

> I realize this explanation does little to address your concern. We have had
> several people give us similar feedback. Ryan Feeley (our UX designer) and I
> are planning to test several variants of the passwords UX over the next
> couple of months. We want to ensure our users have the best possible
> experience.

Very good, this is my suggestion:
Don't permit changing the pwd when the user presses the Return key while only one pwd field is filled.

Kind regards and thanks for the time spent answering me.