New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Identifying users #25

Open
govuk-design-system opened this Issue Jan 12, 2018 · 3 comments

Comments

5 participants
@govuk-design-system
Collaborator

govuk-design-system commented Jan 12, 2018

What

Provide a secure service by accurately identifying users. Includes guidance on:

  • authentication
  • identity assurance/verification
  • user accounts

Why

Anything else

@govuk-design-system govuk-design-system created this issue from a note in GOV.UK Design System Community Backlog (Agreed) Jan 12, 2018

@owenm6

This comment has been minimized.

Collaborator

owenm6 commented Mar 1, 2018

We have updated our guidance on identifying users. Most of it is around authentication - https://home-office-digital-patterns.herokuapp.com/patterns/identifying-users

@timpaul timpaul added the pattern label May 21, 2018

@quis

This comment has been minimized.

Member

quis commented Sep 17, 2018

Few short observations about doing two factor authentication (I was writing this down for someone anyway so thought I might as well put it here).

By text message

Front-load the code in the text message

Do this:

12345 is your code

Not

your code for Service Name is 12345

Call it a ‘security code’

This is friendlier than ‘2FA’ or ‘two factor’. I think Verify use this wording this as well.

Question how long the code needs to be

6 digits seems to be standard for authenticator apps. 4 or 5 feels way easier to transpose from one place to another. Anecdotally people with dyslexia find long codes troublesome.

By email

If using email for quasi-two-factor authentication make it a tokenised link, not a code that people have to copy/paste.

@stevenaproctor

This comment has been minimized.

Collaborator

stevenaproctor commented Nov 22, 2018

This the 2 factor authentication screen from personal tax account.

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment