
Rule n° 96 - Two-factor authentication procedures can be restarted.

Complex authentication procedures have become very common in digital technology. You authenticate yourself once and then you have to receive a code or instructions on another device or via another means of access. The problem is that users are often unable to complete the operation within the required time frame. It is therefore important to ensure that the operation can be restarted to avoid any blockages.

#Conception #Development #Forms

Goal

  • Avoid blockages during authentication procedures.
  • Reduce frustration and abandonment.

Implementation

Provide a mechanism for regenerating and resending (via SMS, email, authentication app) the authentication token, which can be activated by the user via a button or link labeled “Resend code.”

Beyond this rule, it is recommended to offer at least two different means of authentication (SMS, email, authentication app, etc.) in order to strengthen the resilience of the system and accessibility for all users.
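One way to implement the “Resend code” mechanism on the server, as an added example that is not Opquast's own code: every send regenerates the code, so the previous one stops working, and the user can restart after expiry. The class name, the `deliver` callback, and the lifetime, cooldown and limit values are assumptions chosen for illustration.

```python
import hmac
import secrets
import time
from dataclasses import dataclass

# Assumed policy values, not taken from the rule:
CODE_TTL, RESEND_COOLDOWN, MAX_SENDS, MAX_FAILURES = 300, 30, 5, 5

@dataclass
class Challenge:
    code: str = ""
    issued_at: float = 0.0
    sends: int = 0
    failures: int = 0

class TwoFactorChallenges:
    """Pending second-factor challenges, keyed by login attempt (in memory)."""
    def __init__(self, deliver, clock=time.time):
        self._deliver = deliver  # hypothetical callable(channel, code) for SMS/email
        self._clock = clock
        self._pending = {}

    def send(self, attempt_id, channel):
        """First send and every "Resend code" click go through here."""
        now = self._clock()
        ch = self._pending.setdefault(attempt_id, Challenge())
        if ch.sends >= MAX_SENDS:
            return "limit_reached"
        if ch.sends and now - ch.issued_at < RESEND_COOLDOWN:
            return "wait"
        # Regenerate instead of repeating: the previous code stops working.
        ch.code = f"{secrets.randbelow(10**6):06d}"
        ch.issued_at, ch.failures = now, 0
        ch.sends += 1
        self._deliver(channel, ch.code)
        return "sent"

    def verify(self, attempt_id, submitted):
        ch = self._pending.get(attempt_id)
        if ch is None or ch.failures >= MAX_FAILURES:
            return False
        if self._clock() - ch.issued_at > CODE_TTL:
            return False  # expired, but send() can still issue a fresh code
        if not hmac.compare_digest(ch.code.encode(), submitted.encode()):
            ch.failures += 1
            return False
        del self._pending[attempt_id]  # single use
        return True
```

The `channel` argument lets the same resend action switch between the delivery means offered (SMS, email), and the `"wait"` and `"limit_reached"` results give the form something concrete to show next to the button.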

Control

Verify that it is possible to resend the two-factor authentication code in the login form.

By Opquast - Read the license

