Bug 233461

Summary: RFE: Usability Issues with Create New Account Form
Product: Red Hat Web Site Reporter: Máirín Duffy <duffy>
Component: SSOAssignee: Grant Shipley <gshipley>
Status: CLOSED CURRENTRELEASE QA Contact: Mark Sechrest <msechres>
Severity: medium Docs Contact:
Priority: medium    
Version: wsd239CC: inode0
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: 08142007 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-08-16 19:23:34 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Máirín Duffy 2007-03-22 15:43:25 UTC
Note: keeping bug public so customer can follow.

Description of problem:

URL: https://www.redhat.com/wapps/ugc/register.html

- if user checks of the Red Hat contact authorization checkboxes on this form,
if they are flipped back to choose another account name these checkbox
selections are lost. these selections should be persistent when the username
and/or password is rejected.

- password rejection message does not state the allowed/disallowed characters
nor the character max length limit. password rules seem strange as some non
numeric non letter characters are accepted but others are not. recommend that we
are more lenient in allowing these types of characters in passwords as it
increases potential security.

From customer:

"When filling out the new account form for "personal" accounts I'm sure I like
everyone else who tries had it fail due to the account name I chose being
already taken and it flips me back to try again. This happened over and over and
over, as it must for most people. 

"One thing I think could be better here is that while I checked the box to have
email from redhat sent to me that did not stick when I was returned to try again
so I had to reclick that every time.

"The password was another problem. That was also rejected (too good I'm sure).
:) If I enterred a password that was too short I got a nice little message
telling me it had to be at least 6 characters long. If I entered one that long
or longer that was rejected as invalid I was given no clue as to why or what
characters were allowed or not. I'm guessing '<' was not a valid character but
it would have been easier to figure out if there were a little popup or
something that just explained the rules for passwords. I still find it weird
that '<' seems bad but ':' seems good.

Comment 1 Grant Shipley 2007-04-11 17:31:08 UTC
Committed revision 17785.  (Checkbox fix)



Comment 2 Grant Shipley 2007-04-11 17:53:01 UTC
Committed revision 17792. (Password fix)

Added the following error message:
Password must be ASCII and cannot contain the following special characters (")
(<) (>) (space)

Comment 3 Máirín Duffy 2007-04-11 17:55:14 UTC
alphanumeric might be a better term to use than ASCII (jargony and I think there
are a lot more exceptions than the 4 you noted if you use 'ASCII')

I think in rhn for accounts for example we say must be alphanumeric and may
contain the characters - _ ( ) [ ] or whatnot.

just a suggestion.

Comment 4 Steve Milner 2007-04-13 20:16:55 UTC
Updated to ON_QA buy bugzillaupdater

Comment 5 srividya rapur 2007-04-16 18:01:19 UTC
verified on QA

Comment 6 Mark Sechrest 2007-05-18 17:40:26 UTC
Moving everything to ON_DEV to get revisited for the "true up" release.

Comment 7 Brenton Leanhardt 2007-07-09 14:38:18 UTC
We will reverify this for TRUUP. 

Comment 8 Brenton Leanhardt 2007-07-18 18:31:06 UTC
The TRUUP release is officially wsd239.  

Comment 9 Steve Milner 2007-07-24 20:18:40 UTC
Updated to ON_QA buy bugzillaupdater

Comment 10 Mark Sechrest 2007-08-16 19:23:34 UTC
Closed with the 8/14 release.