[Adding darshana] On Thu, Apr 28, 2016 at 12:08 PM, Malithi Edirisinghe <[email protected]> wrote:
> > Hi All, > > I'm working on supporting user information recovery scenarios in IS user > portal [1]. > > While discussing on the user aspects of password recovery with security > questions, with UX team we came across the below concern. > > 1. Should we view all of the security questions chosen by the user, from > each question set, in the same page > > 2. Should we view the question chosen from each question set in a separate > page, and make the user to go page by page answering each question > > If we chose option (1) we should be able to verify user answers for all > the questions in a one step. If all are answered properly we will let the > user to proceed, or else we will notify the user that he has not correctly > answered to one or more, in the next page. > If we chose option (2) in each step we will verify the user's answer to > the question prompted. If the first one is properly answered prompt the > second question and let him to proceed similarly or else break the flow. > > However, with information recovery service implementation at IS , we can > only support option (2) at the moment. > But, as it seems most of the sites opt for option (1). > > We would like to clarify on which option we should proceed with. Also, > would like to clarify on any security concerns with regard to above options. > > Appreciate your thoughts. > > > [1] https://wso2.org/jira/browse/IDENTITY-3300 > > Thanks, > Malithi. > -- > > *Malithi Edirisinghe* > Senior Software Engineer > WSO2 Inc. > > Mobile : +94 (0) 718176807 > [email protected] > -- *Malithi Edirisinghe* Senior Software Engineer WSO2 Inc. Mobile : +94 (0) 718176807 [email protected]
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
