Goal
- Avoid blockages during authentication procedures.
- Reduce frustration and abandonment.
Implementation
Provide a mechanism for regenerating and resending (via SMS, email, authentication app) the authentication token, which can be activated by the user via a button or link labeled “Resend code.”
Beyond this rule, it is recommended to offer at least two different means of authentication (SMS, email, authentication app, etc.) in order to strengthen the resilience of the system and accessibility for all users.
Control
Verify that it is possible to resend the two-factor authentication code in the login form.Discover Opquast training and certification
The objective of these rules and the Opquast community mission is ‘making the web better’ for your customers and for everyone! Opquast rules cover the key major areas of risk that can negatively affect website users such as privacy, ecodesign, accessibility and security.
Opquast training has already allowed over 19,000 web professionals to have their skills certified. Train your teams, contact us
We offer a 1 hour free discovery module.