From 18ba1c6d004dedf11dff7fe4f5ae88b107d744e4 Mon Sep 17 00:00:00 2001 From: "Panagiotis \"Ivory\" Vasilopoulos" Date: Thu, 7 Dec 2023 22:38:55 +0000 Subject: [PATCH] Improve text in Security settings (#28393) - en-US: Rename "Scratch Tokens" to "single-use recovery keys". Longer, but clearer. - Improve titles - TOTP: Improve description - TOTP: Inform user about Scratch Tokens to encourage TOTP usage - WebAuthn: Add loss of access warning --- options/locale/locale_en-US.ini | 17 ++++++++++------- templates/user/settings/security/twofa.tmpl | 2 ++ templates/user/settings/security/webauthn.tmpl | 1 + 3 files changed, 13 insertions(+), 7 deletions(-) diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index 9c582a885..4f18606a4 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -626,11 +626,11 @@ applications = Applications orgs = Manage Organizations repos = Repositories delete = Delete Account -twofa = Two-Factor Authentication +twofa = Two-Factor Authentication (TOTP) account_link = Linked Accounts organization = Organizations uid = UID -webauthn = Security Keys +webauthn = Two-Factor Authentication (Security Keys) public_profile = Public Profile biography_placeholder = Tell us a little bit about yourself! (You can use Markdown) @@ -864,22 +864,23 @@ revoke_oauth2_grant = Revoke Access revoke_oauth2_grant_description = Revoking access for this third party application will prevent this application from accessing your data. Are you sure? revoke_oauth2_grant_success = Access revoked successfully. -twofa_desc = Two-factor authentication enhances the security of your account. +twofa_desc = To protect your account against password theft, you can use a smartphone or another device for receiving time-based one-time passwords ("TOTP"). +twofa_recovery_tip = If you lose your device, you will be able to use a single-use recovery key to regain access to your account. twofa_is_enrolled = Your account is currently enrolled in two-factor authentication. twofa_not_enrolled = Your account is not currently enrolled in two-factor authentication. twofa_disable = Disable Two-Factor Authentication -twofa_scratch_token_regenerate = Regenerate Scratch Token -twofa_scratch_token_regenerated = Your scratch token is now %s. Store it in a safe place, it will never be shown again. +twofa_scratch_token_regenerate = Regenerate Single-Use Recovery Key +twofa_scratch_token_regenerated = Your single-use recovery key is now %s. Store it in a safe place, as it will not be shown again. twofa_enroll = Enroll into Two-Factor Authentication twofa_disable_note = You can disable two-factor authentication if needed. twofa_disable_desc = Disabling two-factor authentication will make your account less secure. Continue? -regenerate_scratch_token_desc = If you misplaced your scratch token or have already used it to sign in you can reset it here. +regenerate_scratch_token_desc = If you misplaced your recovery key or have already used it to sign in, you can reset it here. twofa_disabled = Two-factor authentication has been disabled. scan_this_image = Scan this image with your authentication application: or_enter_secret = Or enter the secret: %s then_enter_passcode = And enter the passcode shown in the application: passcode_invalid = The passcode is incorrect. Try again. -twofa_enrolled = Your account has been enrolled into two-factor authentication. Store your scratch token (%s) in a safe place as it is only shown once! +twofa_enrolled = Your account has been successfully enrolled. Store your single-use recovery key (%s) in a safe place, as it will not be shown again. twofa_failed_get_secret = Failed to get secret. webauthn_desc = Security keys are hardware devices containing cryptographic keys. They can be used for two-factor authentication. Security keys must support the WebAuthn Authenticator standard. @@ -887,6 +888,8 @@ webauthn_register_key = Add Security Key webauthn_nickname = Nickname webauthn_delete_key = Remove Security Key webauthn_delete_key_desc = If you remove a security key you can no longer sign in with it. Continue? +webauthn_key_loss_warning = If you lose your security keys, you will lose access to your account. +webauthn_alternative_tip = You may want to configure an additional authentication method. manage_account_links = Manage Linked Accounts manage_account_links_desc = These external accounts are linked to your Gitea account. diff --git a/templates/user/settings/security/twofa.tmpl b/templates/user/settings/security/twofa.tmpl index 9e58a647d..2f15fe13f 100644 --- a/templates/user/settings/security/twofa.tmpl +++ b/templates/user/settings/security/twofa.tmpl @@ -16,6 +16,8 @@ {{else}} + {{/* The recovery tip is there as a means of encouraging a user to enroll */}} +

{{ctx.Locale.Tr "settings.twofa_recovery_tip"}}

{{ctx.Locale.Tr "settings.twofa_not_enrolled"}}

{{ctx.Locale.Tr "settings.twofa_enroll"}} diff --git a/templates/user/settings/security/webauthn.tmpl b/templates/user/settings/security/webauthn.tmpl index 28d8511fb..dd8b8a4e5 100644 --- a/templates/user/settings/security/webauthn.tmpl +++ b/templates/user/settings/security/webauthn.tmpl @@ -1,6 +1,7 @@

{{ctx.Locale.Tr "settings.webauthn"}}

{{ctx.Locale.Tr "settings.webauthn_desc" | Str2html}}

+

{{ctx.Locale.Tr "settings.webauthn_key_loss_warning"}} {{ctx.Locale.Tr "settings.webauthn_alternative_tip"}}

{{template "user/auth/webauthn_error" .}}
{{range .WebAuthnCredentials}}