Enough overdue bug fixes today to warrant their own blog post…

Indiid Explore was trying to guess “WAYFless” URLs to other parts of Indiid, and was getting them wrong. There weren’t even needed. Explore now links directly to Account and Organise so things work properly again.

The section of Signup that lets new users choose passwords has been greatly simplified. Most people signing up want to get started quickly and don’t want to set up a more elaborate two-factor/two-step login straight away, so now we’re only giving fully-featured control of this in the Account app. The number of login methods available during signup has also been reduced. If a new user chooses the Simple UI option they aren’t even asked to choose a login method - they only get a page explaining Passphrase Messages, the simplest type. Most importantly, people should get the password they actually picked - earlier versions had a form that wouldn’t automatically use the new passwords that were created.

Similar problems with changing password types in Account should also now be fixed, although that section of Account still needs to be greatly improved and simplified. We managed to break the Javascript fancy-extras on the password configuration pages in the previous version of Account; quality meters and suggestions should now work again. Credential testing, default passwords and inactive passwords aren’t good enough yet for normal use, so they’ll only be seen by users who have chosen Beta UI mode. We need to spend a lot more time on Account but for now things should be less confusing at least.

Hopefully the only significant remaining bug is that new accounts often trigger the anti-password-guessing lockout straight away, causing new users to wait for 5 minutes before logging in. This should be fixed pretty soon, as part of a new release of the Login part of Indiid.net.