Hi,

after I enabled ga login on my site and after some weeks of use, I have found that the explanation is insufficient.

  • Even if it says GA Login it seems not clear enough to some users, that they would have to use the code created by the Google Authentificator for login. I would suggest to change the simple "Code" in the login page to "Google Authenticator Code" or something similar.
  • on the page where you create the code it only says "Everytime you submit this form a new key will be generated!". I think also some explanation should be included. Linking to this page http://support.google.com/accounts/bin/answer.py?hl=en&answer=1066447 is a good start.
  • Not everybody has an Android, iPhone or Blackberry. I think also linking to this Java Desktop application would be nice: http://blog.jcuff.net/2011/09/beautiful-two-factor-desktop-client.html
  • The test login is nice but does it really needed to have a menu navigation link? I think providing a simple link in the user panel would be better. I think best would be to redirect to the test login page, after a secret was setup and approved by the user. One line of code setting in the $form the redirect.

I hope you understand my request. But the last week I really received many mails asking to reset the Login code because the users are playing around without knowing what they are doing.

best
martin

Comments

attiks’s picture

Assigned:Unassigned» Jelle_S

I updated the project page with the new link

Martin Klinkigt’s picture

Hi,

thank you for this update of the project page. However, my focus was more the code itself. Guiding the users first to the project page and then back to my own website is not so convenient.

Best

attiks’s picture

Of course, the issue is still active and will be fixed ASAP ;-)

Martin Klinkigt’s picture

Thank you and also I have to apologize. I though you misunderstood me.

best
Martin

Jelle_S’s picture

All points but your last was fixed. The test login is only for users who can create login codes for other users, so that they can test these codes as well (since they probably don't know the password of the other users), meaning the link is only visible for site admins / moderators / people with a high permission level.

Jelle_S’s picture

Status:Active» Fixed

Status:Fixed» Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

Martin Klinkigt’s picture

Hi,

I am sorry if I do not understand something, but actually where is the explaination of the ga login on my site?
I updated to the latest version and still receive many questions:

- where do I get the login code?
- what is TOTP
- what is HOTP

Users are lazy and do not like to leave the site to read some explanation somewhere else.
I really like the Google Authenticator. From its functions it is complete and works well, but the missing explanation makes me most work recently.

Furthermore, I received a very good feedback how to improve the documentation of GA Login: Extending the current to step approach to a 3 step approach. The new step will be the very first one:

put a three-step-instruction plus a short introduction on where user need to configure the GA. (should be on that GA-login part) The first time I saw it, I was totally lost. Only one thing on my mind, that is I need the code. (I really don't care how it works, and why it is essential). At that time, I need a hint on what it is, or better, how I should do. If there's a Install-Scan-Bingo step to step instruction, I won't have such a hard time.

Basicly, put on the first page all the links and explaination you currently have here in drupal.org to describe the module. Add information about TOTP and HOTP. On the second page let the user select the code type, the third page is to confirm it.

best
Martin

Martin Klinkigt’s picture

Status:Closed (fixed)» Needs work
attiks’s picture

@Martin, we'll try to fix this asap, but not much time right now, if you can provide a patch, that would be awesome.

Jelle_S’s picture

Status:Needs work» Fixed

I added the third step to the form as you suggested. If you think the documentation is still insufficient or can be improved, feel free to reopen this issue. Marking as fixed for now.

Status:Fixed» Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.