This has been true at least since D7...

On the user/password page, the button say s "E-mail new password".

In D7 it's in user.pages.inc user_pass(). In D8 it is in core/modules/user/lib/Drupal/user/Form/UserPasswordForm.php

Either way, it's wrong. What you are actually getting by email is not a new password, but a link that allows you to log in.

Suggested text for button:

Request password reset

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

jmarkel’s picture

Updated the button text as well as the tests that depend on that text - SiteMaintenanceTest and UserPasswordResetTest.

jmarkel’s picture

Status: Active » Needs review
jmarkel’s picture

Added a patch for D7 as well.

jhodgdon’s picture

Status: Needs review » Reviewed & tested by the community

Thanks for the quick patch! +1000 from me!

I am going to be bold and mark it RTBC.

Xano’s picture

webchick’s picture

Status: Reviewed & tested by the community » Needs review
Issue tags: -ui-text usability +Usability

Fixing tag to clue in the UX team on this issue. It may seem pedantic, but since this is a very user-facing string, it's probably good to spend a bit of time (not too much) to get it right.

And, hm. While the new text is certainly more accurate, searching Google for "Request password reset" (quoted) only returns 347,000 results. This implies this is not really standard terminology used by others.

What if we just named the button something really super boring like "Submit"? The page title is "Request new password" which already tells you what you are doing here.

I'm not that fussed either way, so if there are no better ideas within a week or so, we can go with this.

Bojhan’s picture

I am not sure about this change.

1) It seems like an uncommon label it focuses on the very technical "request" rather than the action of getting a new password.

2) It doesn't specify the medium. Clicking this button could result in anything, nothing indicates that I will get an e-mail.

I think both, will result in a decrease in usability - even though we are more accurate.

jhodgdon’s picture

OK. But the current button is just plain wrong. You are not getting a new password by email -- to me, that text is very scary -- I wouldn't want a site to email me my password, for security reasons.

But I agree that you are also not resetting your password.

What you are getting emailed is a link that will let you log in.

What would you suggest? Maybe "E-mail one-time login link"?

jmarkel’s picture

I'm happy to re-roll the patches with new button text - I'm not a UX person and don't have a strong feeling about this beyond that jhodgdon's point is correct - the text should somehow elucidate what's really going to happen...

Bojhan’s picture

I am just wondering, this is on a page right? Maybe we shouldn't be just relabeling the button but making the page more clearer?

jhodgdon’s picture

I came to the same conclusion thinking about this... So let's make sure the page explains what will happen, and change the button text to something generic like "submit"?

jhodgdon’s picture

Status: Needs review » Needs work
jmarkel’s picture

Assigned: Unassigned » jmarkel

I'll get on new patch(es) this evening - if anyone's in a rush, feel free to preempt me :-)

jhodgdon’s picture

Great, thanks!

When you post a new patch, Before and After screen shots of the page would be very helpful for usability review.

Bojhan’s picture

@jhodgdon Agreed :)

jmarkel’s picture

Assigned: jmarkel » Unassigned
Status: Needs work » Needs review
FileSize
4.24 KB
249.18 KB
267.83 KB

Here's a re-rolled D8 patch, with before and after screenshots. The password reset page now includes some explanatory text and the button simply says "Submit."

Shyamala’s picture

Works perfectly, attached before & after screen shots.

jhodgdon’s picture

This is *much* better. However:
- The tab title still says "request new password". Probably it would be more accurate, and much more like everywhere else on the web, if it said something like "Forgot your password?". If we don't want a question there, maybe "Reset your password" would work, which would at least be consistent with the new text.
- I think it should say "user name" not "username".

jmarkel’s picture

Assigned: Unassigned » jmarkel

I'm down with those changes for the most part, but not with changing 'username' to 'user name.' I get your point but it would be inconsistent with pretty much every other usage in the system. There are 800-odd uses of 'username' and only 63 of 'user name' and the latter is primarily used in comments rather than in UI text.

jmarkel’s picture

I changed the text to 'Reset your password' rather than the more casual 'Forgot your password?' I've no objection to the latter, it just seemed out of character for the system as a whole. If consensus is for 'Forgot your password?' I'm cool with it.

Anyway, here's a new patch, with "after" screenshots for the three use cases that were changed - 1) Anon password reset request from /user, 2) Password reset request from login block, and 3) Authenticated user password reset request from /user

jmarkel’s picture

Assigned: jmarkel » Unassigned
jhodgdon’s picture

Thanks for the research and the new patch! This all looks good to me. I was a bit confused though... in the "after-logged-in" screen shot, there is still a "log in" tab visible??? That has nothing to do with this issue though...

Anyway, I'm +1 on accepting this patch. I looked over the patch and the screen shots, and I think it is all consistent and it definitely makes more sense than it did before.

jmarkel’s picture

Yeah - There's something going on with the routes for the local tasks, and code that seems to think that /user/password will only be called for anon users ... clearly not a correct assumption :-). But it's also not really related to this specific issue, so I'm thinking maybe this should be RTBC'ed if possible and we can move on to that after. My 2 cents, anyway.

jhodgdon’s picture

Well, we need someone else to mark it RTBC. Last time I did so, it was overruled by the Usability team.

jhedstrom’s picture

Status: Needs review » Needs work
Issue tags: +Needs reroll

Patch no longer applies.

rpayanm’s picture

Status: Needs work » Needs review
Issue tags: -Needs reroll
FileSize
8.09 KB

Status: Needs review » Needs work

The last submitted patch, 26: 2131849-26.patch, failed testing.

jhodgdon’s picture

Looks like there's still a test depending on the old text being there.

rpayanm’s picture

Status: Needs work » Needs review
FileSize
683 bytes
8.11 KB
jhodgdon’s picture

Status: Needs review » Needs work

So. It looks like this patch still says "Request new password" in at least one place. ?!?

++ b/core/modules/user/src/AccountForm.php

-        $request_new = $this->l($this->t('Request new password'), new Url('user.pass', array(), array('attributes' => array('title' => $this->t('Request new password via email.')))));
-        $current_pass_description = $this->t('Required if you want to change the %mail or %pass below. !request_new.', array('%mail' => $protected_values['mail'], '%pass' => $protected_values['pass'], '!request_new' => $request_new));
+        $request_new = $this->l($this->t('Request new password'), new Url('user.pass',
+          array(), array('attributes' => array('title' => $this->t('Request new password via email.'))))
+        );
+        $current_pass_description = $this->t('Required if you want to change the %mail or %pass below. !request_new.',
+          array(
+            '%mail' => $protected_values['mail'],
+            '%pass' => $protected_values['pass'],
+            '!request_new' => $request_new)
+        );

Let's fix that, and then some before/after screen shots of all pages that change would be helpful.

rpayanm’s picture

Status: Needs work » Needs review
FileSize
1.65 KB
8.11 KB

umm my mistake...

rpayanm’s picture

FileSize
8.11 KB

problems with the testbot.

The last submitted patch, 31: 2131849-31.patch, failed testing.

rpayanm’s picture

FileSize
683 bytes
8.13 KB

The last submitted patch, 32: 2131849-32.patch, failed testing.

jhodgdon’s picture

OK, the patch looks better now, thanks!

So, this issue could use:
a) before/after screen shots of affected pages
b) beta evaluation added to the issue summary, see https://www.drupal.org/contribute/core/beta-changes

rpayanm’s picture

FileSize
12.92 KB
15.23 KB

Before:
reset password before

After:
reset password after

rpayanm’s picture

FileSize
20.88 KB
20.58 KB
14.09 KB

After:
before

Before:
after

and this remains the same:
same

nitishchopra’s picture

The patch looked to be fine and the button text i s displaying correctly!!

nitishchopra’s picture

Status: Needs review » Reviewed & tested by the community

Status: Reviewed & tested by the community » Needs work

The last submitted patch, 34: 2131849-34.patch, failed testing.

penyaskito queued 34: 2131849-34.patch for re-testing.

jhodgdon’s picture

Status: Needs work » Reviewed & tested by the community

Test passed this time, back to previous status.

Status: Reviewed & tested by the community » Needs work

The last submitted patch, 34: 2131849-34.patch, failed testing.

rpayanm queued 34: 2131849-34.patch for re-testing.

rpayanm’s picture

Status: Needs work » Reviewed & tested by the community

again.

Status: Reviewed & tested by the community » Needs work

The last submitted patch, 34: 2131849-34.patch, failed testing.

rpayanm queued 34: 2131849-34.patch for re-testing.

The last submitted patch, 34: 2131849-34.patch, failed testing.

rpayanm queued 34: 2131849-34.patch for re-testing.

rpayanm’s picture

Status: Needs work » Reviewed & tested by the community

and again.

Status: Reviewed & tested by the community » Needs work

The last submitted patch, 34: 2131849-34.patch, failed testing.

adci_contributor queued 34: 2131849-34.patch for re-testing.

rpayanm’s picture

Status: Needs work » Reviewed & tested by the community

and again.

alexpott’s picture

Status: Reviewed & tested by the community » Fixed

Committed 666f423 and pushed to 8.0.x. Thanks!

Thanks for adding the beta evaluation.

diff --git a/core/modules/user/src/AccountForm.php b/core/modules/user/src/AccountForm.php
index ac16e4e..7cf5ad6 100644
--- a/core/modules/user/src/AccountForm.php
+++ b/core/modules/user/src/AccountForm.php
@@ -141,7 +141,8 @@ public function form(array $form, FormStateInterface $form_state) {
           array(
             '%mail' => $protected_values['mail'],
             '%pass' => $protected_values['pass'],
-            '!request_new' => $request_new)
+            '!request_new' => $request_new,
+          )
         );
       }

Fixed to implement our coding standards on commit.

  • alexpott committed 666f423 on 8.0.x
    Issue #2131849 by rpayanm, jmarkel, Shyamala: User password reset form...

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

David_Rothstein’s picture

Note that a "semi-backport" of this to Drupal 7 is currently being discussed at #734536: Terminology wrong around "Request new password" (which this issue was probably originally a duplicate of).