> The user can be sent to the "account locked" screen as the result of three > actions: > 1) sign in > 2) delete account (from settings) > 3) change password (from settings)
Thanks for this! I updated the flow to accommodate the additional cases. > I imagine the original tab, if still open and verification occurs in the same > browser, should complete whatever it was trying to do. This is definitely tricky, especially when it comes to deleting the account. Thinking through the currently known scenarios, and that locked accounts will not happen often, it’s probably best to keep it simple, and just show the same experience for all users. The user attempts to perform a high-security action and is informed that the account is in “lockdown”. Clicking the email unlocks the account, and if they are attempting a delete or change password, they can then try it again. So what I’m proposing is that we introduce the Lockdown screen as soon as the user clicks the Delete Account or Change Password link, and not after they have initiated the action. Make sense? Link again: https://www.lucidchart.com/documents/view/a8190a33-b8f3-448c-bc9c-474528e46d37 Ryan _______________________________________________ Dev-fxacct mailing list [email protected] https://mail.mozilla.org/listinfo/dev-fxacct
