Versions Compared

Old Version 15

changes.mady.by.user Patricia Donohue

Saved on

compared with

New Version 16

changes.mady.by.user Patricia Donohue

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Note

This page provides a step-by-step guide for signing in to a new OpenCCC Account.

...

Steps in the Sign In Process

Step 1: Sign In Page

All users start on the Sign In page.

...

Note

User Sign In Credential Must Be Unique: Your email address or mobile phone number - whichever is preferred to sign in - must be unique to your account. Failed matches will prompt retry attempts or

...

Next: Follow the appropriate next step below.

After entry of your email address or mobile phone number, what happens next depends on the result of that first matching validation.

Tip

Your Sign In Credential is Unique: The email address or mobile number entered is a validated unique match in the system. The user is prompted to the Password page.

Note

Your Sign In Credential is NOT

...

Unique: If the system

...

finds more than one match to the email or mobile number

...

in the system

...

. The user is

...

prompted to

...

enter their legacy Username.

Note

Your Sign In Credential is NOT

...

Validated: If the system

...

can’t match

...

the email or mobile number to a validated attribute in the system

...

, the user is still prompted to

...

the Password page.

Warning

Your Sign In Credential is Not Found. If the system doesn’t recognize the credential entered, the user will still be taken to the Password page and prompted to enter their secure password. If the password entered is not recognized, the user is returned to the Sign In page to try again or click the Recover Account link.

Next: Follow the appropriate next step below.

After attempting to sign in with your email address or mobile phone number, what happens next depends on the result of that first matching validation.

Step 2: Validation Process

If Your Email Address or Mobile Number IS Unique

If the email address or mobile phone number used to sign in matches a verified, unique account in the system, the Password page is displayed and the user is prompted to enter their secure password. From a user experience, this is known as the “happy path” and applies will apply to the majority of users following after creating their initial login account to the new system.

Note

If the user forgets their password, or if the password doesn’t match their legacy account, they will be prompted to create a new password using can use the Recover Account process, or click the Forgot Your Password? flow link.

Steps:

After entering your unique, validated email or mobile number on the Sign In page:

  1. The Password page is displayed. Enter your secure password in the input field.

  2. Click “Sign In” to continue to your destination application.

...

If Your Email or Mobile Number is NOT Unique (Duplicate)

Note

While user sign in credentials must be unique to an individual, it is possible that an attribute (email or phone) was being shared with a family member in the legacy system. When this happens, the individual who signs in and validates the attribute first will take ownership of that attribute and it will be unique to their account. Any subsequent attempts to use that attribute by another user will prompt the duplicate account process described below.


How will the user know if their sign in credential is not unique (duplicate)?

If the email address or mobile phone number used for sign in is not a unique match to an account found in the system, another user has already validated that specific attribute in the new system. The system will

...

display the Username page.

Steps:

After entering your email or mobile number on the Sign In page:

  1. If the system identifies a duplicate detects that the email or mobile number provided is a duplicate in the system, the Username page is displayed.

  2. Enter your legacy username to continue.If the system does not find a duplicate, but identifies that Username in the input field. Click “Next” to go to the Password page.

  3. Enter your secure Password in the input field. Click “Sign In” to validate.

At this point, the system is queried using the email or mobile number

...

  • If an authenticated user is found to have a duplicate email or mobile number in the system and has not been validated, the UI should ask the user if they have another mobile number. If not, system should ask if they have an additional email address.

  • If user enters in a different email and/or phone, the system should query for status.

  • If not unique, the system should prompt them to contact helpdesk. 

  • If unique, the system should generate a code via the method they entered and prompt the user to validate account. 

  • Once a user successfully validates their account, the UI should advise the user that this method should be used for future sign in.

  • The system should check the users password to see if a password reset is required.

    • If password reset is not required, user should be auto logged in and proceed to where they need to go.

    • If a password reset is required, the user should be prompted to reset their password. If the password matches the new requirements, the system should save the new password in the database and the user should be auto logged in and proceed to where they need to go.

When this happens, the individual user who signs in and validates the attribute first will take ownership of that attribute and validate it. Any subsequent attempts to use that attribute by another user will get an , username, and password to try to identify the user.

If the system cannot find a match, the user can:

  • Retry the full process, re-entering the same email or mobile number, or by providing another email or mobile number. The system will query for status.

  • Click the Forgot your password? link.

  • Contact the Helpdesk for support.

If the system finds a match to the account, the system then looks to see if the attribute is then Validation Code page is displayed and a security code is sent to the user via the email or mobile number they entered.

  1. The user must obtain their six-digit security code from their email or mobile phone device.

  2. Return to the Validation Code page and enter the code in the input field. Click “Next” to validate the account. 

  3. The Update Password page is displayed. The user must reset their password with a new string of characters that meet the security requirements displayed.

  4. Click “Update Password” to save password.

  5. The user is auto-directed and auto-logged in to their original destination application.

Tip

Once a user successfully validates their account, the system will advise the user that this method should be used for future sign in.

Warning

error message and will be prompted to 1) use the other method; or 2) enter an alternate email or phone number that can be validated using the Verification process.

How will the user know that if the credential used is not unique (duplicate)?
If the email address or mobile phone number entered is not unique, an error message displays like the one shown below.

...

  1. On the Sign In page: the user enters her email address.

  2. The validation service finds the email address is being associated with two or more accounts. Error message is displayed.

  3. User has several options:

    1. Change the preferred method of contact and enter a new unique attribute. (ex: select Use email instead or Use mobile phone instead.)

    2. Click on the Recover Account link to get help recovering your sign in credentials or password.

  • The system should check the users password to see if a password reset is required.

    • If password

...

    • reset is not required, user should be auto logged in and proceed to where they need to go.

    • If a password reset is required, the user should be prompted to reset their password. If the password matches the new requirements, the system should save the new password in the database and the user should be auto logged in and proceed to where they need to go.

If Your Email or Mobile Number is Not Validated

Image RemovedIf the system detects that the email address or mobile phone number used to sign in has not been validated, the user will be directed to the Password page and prompted to enter their password. If the password is identified, the user will be authenticated but required to validate the attribute they used to sign in.

Note

Reminder: Sign in credentials must be unique to an individual and validated to verify the individual’s identity.

Steps:

After entering an email or mobile number on the Sign In page:

  1. The Password page is displayed. Enter your secure password, then click “Sign In”. The user has been authenticated but must continue to validate the attribute before auto-login to their destination.

  2. If the system does not find a duplicate, but does identify that the email or mobile number has not been validated, the Validation Code page is displayed with the following message:

    “We were able to locate your account. Enter the verification code sent to [partially masked email]. If you didn’t get the [email], check your junk folder or resend or try again.”

...

4. The system sends the user an email with a time-sensitive security (validation) code.

...

5. Return to the Validation Code page and enter the six-digit security code in the Validation Code input field.

6. Click “Next” to continue.

7. The user is taken to the Edit Profile page to confirm that the attribute has been validated and verified. The user can then accept the attribute as the Preferred Method of Contact, or choose to verify a valid mobile phone number as the preferred method.

If Your Email or Mobile Number is Not Found

...

Step 2: Enter Your Secure Password

...