New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Identifying users #25

govuk-design-system opened this Issue Jan 12, 2018 · 3 comments


5 participants

govuk-design-system commented Jan 12, 2018


Provide a secure service by accurately identifying users. Includes guidance on:

  • authentication
  • identity assurance/verification
  • user accounts


Anything else

@govuk-design-system govuk-design-system created this issue from a note in GOV.UK Design System Community Backlog (Agreed) Jan 12, 2018


This comment has been minimized.


owenm6 commented Mar 1, 2018

We have updated our guidance on identifying users. Most of it is around authentication -

@timpaul timpaul added the pattern label May 21, 2018


This comment has been minimized.


quis commented Sep 17, 2018

Few short observations about doing two factor authentication (I was writing this down for someone anyway so thought I might as well put it here).

By text message

Front-load the code in the text message

Do this:

12345 is your code


your code for Service Name is 12345

Call it a ‘security code’

This is friendlier than ‘2FA’ or ‘two factor’. I think Verify use this wording this as well.

Question how long the code needs to be

6 digits seems to be standard for authenticator apps. 4 or 5 feels way easier to transpose from one place to another. Anecdotally people with dyslexia find long codes troublesome.

By email

If using email for quasi-two-factor authentication make it a tokenised link, not a code that people have to copy/paste.


This comment has been minimized.


stevenaproctor commented Nov 22, 2018

This the 2 factor authentication screen from personal tax account.


Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment