fast-auth-signer
fast-auth-signer copied to clipboard
Exploration: Enter PIN code from email
Description
Design exploration for replacing the email link verification with a PIN code entry. In the future we may still consider the email link as an additional option for verification. Problem: Clicking the link from an email to authenticate the user leads to misaligned sessions, sometimes launching in a third-party browser and requiring the user to re-input their email.
User Story
As a user, I want to securely authenticate my account using a PIN code sent to my email, so that I can easily access my account on any device and avoid a fragmented user experience.
Acceptance Criteria
- A 6-digit PIN code is sent to the user's email immediately after they enter their email address.
- The PIN code expires and resets 5 minutes after being sent.
- Users can enter the PIN on any device to complete authentication.
- Upon successful PIN entry, users are directed to their desired action (e.g., sign in, account creation).
- An error message is displayed for an incorrect or expired PIN, with an option to resend a new PIN.