New Features in WoltLab Suite 6.1: User Authentication Overhaul

User authentication allows users to log in and register in the software. In addition to the login form and the registration form, this also includes other functions such as the “lost password” function or multi-factor authentication. All these functions have in common is that they should be as user-friendly as possible in order to make it easier for newer users in particular to log in or register.

The confidentiality of access credentials is equally important, which is why we have also focused on ensuring that no user-generated content appears on these subpages. This ensures that even in the event of vulnerabilities, such as cross-site scripting attacks, access credentials cannot be stolen.

With WoltLab Suite 6.1, we have fundamentally revised the pages and forms that are part of user authentication, which we would like to present in more detail in this article.

Login

Like all user authentication pages, the new login form uses a simplified layout that is intended to focus on the function of the respective page. The new login form does away with the two-column layout. Instead, the link to registration is now located directly below the page title and the option to log in via a third-party provider below the form.

Old login form Old login form

New login form New login form

Registration

Registration can now be accessed directly via a link in the header and no longer requires a detour via the login form. In addition, the registration no longer has an upstream page for the terms of use or disclaimer. Instead, the user can confirm the terms of use via a checkbox in the form, as is now common practice.

The new registration form has been streamlined and reduced to the essential components. There are no unnecessary sections and the double prompt for the email address and password has been removed. The latter were no longer up to date due to the modern auto-complete features of browsers, for example.

For reasons of convenience, a link at the top of the page allows users to quickly switch to the login form. For the first time, registration via third-party providers is also available in the registration form, previously this was only possible via the login form.

Old register form Old register form

New register form New register form

Multi-factor Authentication

The previous multi-factor authentication looked a bit like a foreign body, which is why we have fundamentally revised the layout. Instead of tabs, the various options can now be selected via buttons below the form.

Old multi-factor authentication Old multi-factor authentication

New multi-factor authentication New multi-factor authentication

Comments 2

It looks neater and better. So a thumbs up from me.

Great! A big step forward! Thanks!