Terrible password reset process

The password reset process for these forums is terrible.

I couldn’t remember my password. So I clicked the “Forgot password” link and I got a 1990s style pop out window that looked like this https://paste.opensuse.org/4002088 Note how the page content doesn’t fit in the window. Note how there are no scrollbars on the window. After resizing the window I found a field to enter my username in to and a submit button. That got me to this https://paste.opensuse.org/57320728 Again the content doesn’t fit in the window and there are still not scrollbars. I have a 1920x1200 monitor. When I maximized the window, the “Finish” button at the bottom of the form was just visible, which makes me wonder how this would be usable on any screen with vertical res less than 1200.

Initially I had no idea what the answer to the security was. So I found another link for having forgotten both my username and password, put in my email address and was then emailed both security question and the answer. Which is bad security because that info doesn’t automatically expire. It’s been emailed to a GMail account, so even if I delete it it’s probably not really deleted. So now I need to change the security question and/or answer, and if I need it again in future I’ll probably have forgotten it. The security question mechanism is awful. Why not email people a one time automatically expiring link?

I’m not disagreeing. I have not forgotten my password, so I have not run into this “problem”.

However – the opensuse forums don’t really do passwords. They redirect you to other sites for the authentication. Notice that your page for fixing the password was a “suse.com” page, rather than an “opensuse.org” page.

As far as I know, “suse.com” doesn’t really do passwords either. It is handled at microfocus.com (which bought attachmate.com, which bought novell.com which once owned SuSE.com). So you were seeing a suse front-end to the real backend at microfocus.com.

It may well be a mess, held together with baling wire and chewing gum (to use the old saying). But it is probably hard to change because of that complexity.

I remember Suse related content being migrated to novell.com and then later migrated back to suse.com :slight_smile: , but I hadn’t considered it as a factor. It means the password reset isn’t just terrible user experience for people on these forums, it’s terrible for people on all the Suse/Novell/Attcahmate/Microfocus as well and probably terrible on the backend too. But to put a more positive spin on it, making it less terrible would bring a benefit in lots of places.

Making it more usable seems like it ought not to be too difficult. Just just making the stuff I screenshotted open in the same window/tab, or even a proper new window/tab instead of the chrome-less scrollbar-less pop out thing, would make it lot more usable and that seems like it should take no more than minor changes to some HTML. I have no idea how complicated the process required to make changes to the Suse/Novell/Attcahmate/Microfocus website(s) is though. I appreciate there’s (hopefully!) more to it than someone opening a .html file in their editor of choice, tweaking it and saving it.

FYI there is some ongoing effort within Micro Focus and SUSE to update the
process and fix it, but now with the Micro Focus / HPEs merger complete it just
adds to all the complexity for a single signon process. It’s going to happen,
I just don’t know when. nickert is correct in that these forums rely on the
SUSE login process which relies on the Micro Focus login process, so it’s out
of our hands. However, that’s good feedback to pass up the chain to let the
powers that be know it’s an annoying issue.

Kim - 11/20/2017 9:03:09 AM