Rule n° 96 - Two-factor authentication procedures can be restarted.

Complex authentication procedures have become very common in digital technology. You authenticate yourself once and then you receive a code or instructions on another device or via another means of access. The problem is that users are often unable to complete the operation within the required time frame. It is therefore important to ensure that the operation can be restarted to avoid any blockages.

#Basics #Design #Development #Forms

Goal

  • Avoid blockages during authentication procedures.
  • Reduce frustration and abandonment.

Technical solution

Provide a mechanism for regenerating and resending (via SMS, email, authentication app) the authentication token, which can be activated by the user via a button or link labeled “Resend code.”

Beyond this rule, it is recommended to offer at least two different means of authentication (SMS, email, authentication app, etc.) in order to strengthen the resilience of the system and accessibility for all users.
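One way to implement the "Resend code" mechanism on the server side, as an added example that is not part of the original rule: each resend generates a fresh code that replaces the previous one, and the resend can go to a different channel. The class and method names, the cooldown, lifetime and send-limit values, and the `send` gateway callable are assumptions made for illustration; limiting failed verification attempts is left out to keep the example focused on resending.

```python
import hmac
import secrets
import time

CODE_TTL = 300        # seconds a code stays valid (assumed value)
RESEND_COOLDOWN = 30  # minimum seconds between two sends (assumed value)
MAX_SENDS = 5         # sends allowed per login attempt (assumed value)


class TwoFactorChallenges:
    """In-memory store of pending second-factor codes, keyed by login session."""

    def __init__(self, send, clock=time.monotonic):
        self._send = send    # hypothetical gateway: callable(channel, code)
        self._clock = clock
        self._pending = {}   # session_id -> code, expires, last_sent, sends

    def issue(self, session_id, channel):
        """Start the second step once the first factor has succeeded."""
        self._pending[session_id] = {"sends": 0}
        return self._deliver(session_id, channel)

    def resend(self, session_id, channel):
        """Handler behind the "Resend code" button; also works after expiry."""
        state = self._pending.get(session_id)
        if state is None:
            return "no_challenge"    # first factor not completed
        if self._clock() - state["last_sent"] < RESEND_COOLDOWN:
            return "wait"            # throttle SMS/email flooding
        if state["sends"] >= MAX_SENDS:
            return "limit_reached"   # user must log in again
        return self._deliver(session_id, channel)

    def _deliver(self, session_id, channel):
        state, now = self._pending[session_id], self._clock()
        code = f"{secrets.randbelow(10**6):06d}"  # fresh code replaces the old one
        state.update(code=code, expires=now + CODE_TTL, last_sent=now,
                     sends=state["sends"] + 1)
        self._send(channel, code)
        return "sent"

    def verify(self, session_id, submitted):
        state = self._pending.get(session_id)
        if state is None or self._clock() > state["expires"]:
            return False             # expired: the user can still resend
        if not hmac.compare_digest(state["code"].encode(), submitted.encode()):
            return False
        del self._pending[session_id]  # codes are single use
        return True
```
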

Verification method

Verify that it is possible to resend the two-factor authentication code in the login form.