From 62515361d1db62ac15a61b34f1bb4d517c111065 Mon Sep 17 00:00:00 2001
From: Jessica Dembe <jessica.dembe@gsa.gov>
Date: Thu, 14 Mar 2024 10:42:39 -0400
Subject: [PATCH 1/7] Make revisions on MFA selection screen

changelog: User-Facing Improvements, authentication, align language for security key
---
 app/presenters/two_factor_options_presenter.rb            | 4 ++++
 .../users/two_factor_authentication_setup/index.html.erb  | 2 ++
 config/locales/mfa/en.yml                                 | 5 +++--
 config/locales/mfa/es.yml                                 | 7 ++++---
 config/locales/mfa/fr.yml                                 | 8 ++++----
 config/locales/two_factor_authentication/en.yml           | 4 ++--
 config/locales/two_factor_authentication/es.yml           | 4 ++--
 config/locales/two_factor_authentication/fr.yml           | 4 ++--
 8 files changed, 23 insertions(+), 15 deletions(-)

diff --git a/app/presenters/two_factor_options_presenter.rb b/app/presenters/two_factor_options_presenter.rb
index 56a4567a328..893607a0f25 100644
--- a/app/presenters/two_factor_options_presenter.rb
+++ b/app/presenters/two_factor_options_presenter.rb
@@ -71,6 +71,10 @@ def intro
     end
   end
 
+  def recommendation
+    t('mfa.recommendation')
+  end
+
   def show_cancel_return_to_sp?
     phishing_resistant_only? || piv_cac_required?
   end
diff --git a/app/views/users/two_factor_authentication_setup/index.html.erb b/app/views/users/two_factor_authentication_setup/index.html.erb
index eb9cdb8bdc7..79734d05b7f 100644
--- a/app/views/users/two_factor_authentication_setup/index.html.erb
+++ b/app/views/users/two_factor_authentication_setup/index.html.erb
@@ -14,6 +14,8 @@
 
 <p class="margin-bottom-0"><%= @presenter.intro %></p>
 
+<p class="margin-top-3"><%= @presenter.recommendation %></p>
+
 <% if @presenter.two_factor_enabled? %>
   <h2 class="margin-top-2 margin-bottom-1">
     <%= t('headings.account.two_factor') %>
diff --git a/config/locales/mfa/en.yml b/config/locales/mfa/en.yml
index 18aec7dc75d..22caec4b5c1 100644
--- a/config/locales/mfa/en.yml
+++ b/config/locales/mfa/en.yml
@@ -5,8 +5,9 @@ en:
       locked out of your account if you lose one of your methods.
     add: Add another method
     info: Add another layer of security by selecting a multi-factor authentication
-      method. We recommend you select at least two different options in case you
-      lose one of your methods.
+      method.
+    recommendation: We recommend you select at least two different options in case
+      you lose one of your methods.
     second_method_warning:
       link: Add a second authentication method.
       text: You will have to delete your account and start over if you lose your only
diff --git a/config/locales/mfa/es.yml b/config/locales/mfa/es.yml
index f7fd720f821..cba83ed2880 100644
--- a/config/locales/mfa/es.yml
+++ b/config/locales/mfa/es.yml
@@ -4,9 +4,10 @@ es:
     account_info: Agregar otro método de autenticación evita que se le bloquee el
       acceso a su cuenta si pierde uno de sus métodos.
     add: Agregar otro método
-    info: Agregue otro nivel de seguridad seleccionando un método de autentificación
-      de varios factores. Le recomendamos seleccionar al menos dos opciones
-      diferentes en caso de que pierda uno de los métodos.
+    info: Añada una capa adicional de protección a su cuenta de Login.gov al
+      seleccionar un método de autenticación multifactor.
+    recommendation: Le recomendamos seleccionar al menos dos opciones diferentes en
+      caso de que pierda uno de los métodos.
     second_method_warning:
       link: Agregue un segundo método de autenticación.
       text: Deberá eliminar su cuenta y comenzar de nuevo si pierde su único método de
diff --git a/config/locales/mfa/fr.yml b/config/locales/mfa/fr.yml
index 8d665f2b40e..612920afeee 100644
--- a/config/locales/mfa/fr.yml
+++ b/config/locales/mfa/fr.yml
@@ -4,10 +4,10 @@ fr:
     account_info: L’ajout d’une autre méthode d’authentification vous empêche d’être
       bloqué sur votre compte si vous perdez l’une de vos méthodes.
     add: Agregar otro método
-    info: Ajoutez une autre couche de sécurité en sélectionnant une méthode
-      d’authentification multi-facteurs. Nous vous recommandons de sélectionner
-      au moins deux options différentes au cas où vous perdriez l’une de vos
-      méthodes.
+    info: Ajoutez une couche de protection supplémentaire à votre compte Login.gov
+      en sélectionnant une méthode d’authentification à plusieurs facteurs.
+    recommendation: Nous vous recommandons de sélectionner au moins deux options
+      différentes au cas où vous perdriez l’une de vos méthodes.
     second_method_warning:
       link: Ajoutez une deuxième méthode d’authentification.
       text: Vous devrez supprimer votre compte et recommencer si vous perdez votre
diff --git a/config/locales/two_factor_authentication/en.yml b/config/locales/two_factor_authentication/en.yml
index 1f763b1356c..4ef615402a5 100644
--- a/config/locales/two_factor_authentication/en.yml
+++ b/config/locales/two_factor_authentication/en.yml
@@ -180,8 +180,8 @@ en:
       piv_cac: Government employee ID
       piv_cac_info: PIV/CAC cards for government and military employees. Desktop only.
       webauthn: Security key
-      webauthn_info: A physical device, often shaped like a USB drive, that you plug
-        in to your device.
+      webauthn_info: Connect your physical security key to your device. You won’t need
+        to enter a code.
       webauthn_platform: Face or touch unlock
       webauthn_platform_info: Use your face or fingerprint to access your account
         without a one-time code.
diff --git a/config/locales/two_factor_authentication/es.yml b/config/locales/two_factor_authentication/es.yml
index 1651fa5f32c..a45448f7cb4 100644
--- a/config/locales/two_factor_authentication/es.yml
+++ b/config/locales/two_factor_authentication/es.yml
@@ -191,8 +191,8 @@ es:
       piv_cac_info: Credenciales PIV/CAC para empleados gubernamentales y del
         ejército. Únicamente versión de escritorio.
       webauthn: Clave de seguridad
-      webauthn_info: Un dispositivo físico que suele tener la forma de una unidad USB
-        y se conecta a su dispositivo.
+      webauthn_info: Conecte su clave de seguridad física a su dispositivo. No
+        necesitará ingresar un código.
       webauthn_platform: Desbloqueo facial o táctil
       webauthn_platform_info: Use la cara o la huella digital para acceder a su cuenta
         sin un código de un solo uso.
diff --git a/config/locales/two_factor_authentication/fr.yml b/config/locales/two_factor_authentication/fr.yml
index e0fd90c4e2e..9e4b626de9b 100644
--- a/config/locales/two_factor_authentication/fr.yml
+++ b/config/locales/two_factor_authentication/fr.yml
@@ -199,8 +199,8 @@ fr:
       piv_cac_info: Cartes PIV/CAC pour les fonctionnaires et les militaires. Bureau
         uniquement.
       webauthn: Clef de sécurité
-      webauthn_info: Un appareil physique, souvent en forme de clé USB, que vous
-        branchez sur votre appareil.
+      webauthn_info: Connectez votre clé de sécurité physique à votre appareil. Vous
+        n’aurez pas besoin d’entrer un code.
       webauthn_platform: Déverrouillage facial ou tactile
       webauthn_platform_info: Utilisez votre visage ou votre empreinte digitale pour
         accéder à votre compte sans code à usage unique.

From 00c7d99cd46ad681c37aa4c238ffb79a194944c1 Mon Sep 17 00:00:00 2001
From: Jessica Dembe <jessica.dembe@gsa.gov>
Date: Thu, 14 Mar 2024 12:17:08 -0400
Subject: [PATCH 2/7] Add text for security key on account page

---
 app/views/accounts/_webauthn_roaming.html.erb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/app/views/accounts/_webauthn_roaming.html.erb b/app/views/accounts/_webauthn_roaming.html.erb
index 8672240e73a..9cc71ab10a2 100644
--- a/app/views/accounts/_webauthn_roaming.html.erb
+++ b/app/views/accounts/_webauthn_roaming.html.erb
@@ -2,6 +2,11 @@
   <%= t('account.index.webauthn') %>
 </h2>
 
+
+<p class="margin-top-2">
+  <%= t('two_factor_authentication.two_factor_choice_options.webauthn_info') %>
+</p>
+
 <div role="list">
   <% MfaContext.new(current_user).webauthn_roaming_configurations.each do |configuration| %>
     <%= render ManageableAuthenticatorComponent.new(

From 8e1259b932493aea7ca7c4959d54a4ccf33c50f0 Mon Sep 17 00:00:00 2001
From: Jessica Dembe <jessica.dembe@gsa.gov>
Date: Thu, 14 Mar 2024 12:29:14 -0400
Subject: [PATCH 3/7] replace hardcoded app name

---
 config/locales/mfa/en.yml | 3 +--
 config/locales/mfa/es.yml | 2 +-
 config/locales/mfa/fr.yml | 2 +-
 3 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/config/locales/mfa/en.yml b/config/locales/mfa/en.yml
index 22caec4b5c1..4cad43e927b 100644
--- a/config/locales/mfa/en.yml
+++ b/config/locales/mfa/en.yml
@@ -4,8 +4,7 @@ en:
     account_info: Adding another authentication method prevents you from getting
       locked out of your account if you lose one of your methods.
     add: Add another method
-    info: Add another layer of security by selecting a multi-factor authentication
-      method.
+    info: Add an additional layer of protection to your %{app_name} account by selecting a multi-factor authentication method.
     recommendation: We recommend you select at least two different options in case
       you lose one of your methods.
     second_method_warning:
diff --git a/config/locales/mfa/es.yml b/config/locales/mfa/es.yml
index cba83ed2880..7b760eb9bbc 100644
--- a/config/locales/mfa/es.yml
+++ b/config/locales/mfa/es.yml
@@ -4,7 +4,7 @@ es:
     account_info: Agregar otro método de autenticación evita que se le bloquee el
       acceso a su cuenta si pierde uno de sus métodos.
     add: Agregar otro método
-    info: Añada una capa adicional de protección a su cuenta de Login.gov al
+    info: Añada una capa adicional de protección a su cuenta de %{app_name} al
       seleccionar un método de autenticación multifactor.
     recommendation: Le recomendamos seleccionar al menos dos opciones diferentes en
       caso de que pierda uno de los métodos.
diff --git a/config/locales/mfa/fr.yml b/config/locales/mfa/fr.yml
index 612920afeee..a27213bc26c 100644
--- a/config/locales/mfa/fr.yml
+++ b/config/locales/mfa/fr.yml
@@ -4,7 +4,7 @@ fr:
     account_info: L’ajout d’une autre méthode d’authentification vous empêche d’être
       bloqué sur votre compte si vous perdez l’une de vos méthodes.
     add: Agregar otro método
-    info: Ajoutez une couche de protection supplémentaire à votre compte Login.gov
+    info: Ajoutez une couche de protection supplémentaire à votre compte %{app_name}
       en sélectionnant une méthode d’authentification à plusieurs facteurs.
     recommendation: Nous vous recommandons de sélectionner au moins deux options
       différentes au cas où vous perdriez l’une de vos méthodes.

From fd295c67002f6d55f63c86e3fc3a456020460b31 Mon Sep 17 00:00:00 2001
From: Jessica Dembe <jessica.dembe@gsa.gov>
Date: Thu, 14 Mar 2024 12:31:58 -0400
Subject: [PATCH 4/7] interpolate app name

---
 app/presenters/two_factor_options_presenter.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/presenters/two_factor_options_presenter.rb b/app/presenters/two_factor_options_presenter.rb
index 893607a0f25..d6468ef2417 100644
--- a/app/presenters/two_factor_options_presenter.rb
+++ b/app/presenters/two_factor_options_presenter.rb
@@ -67,7 +67,7 @@ def intro
     elsif phishing_resistant_only?
       t('two_factor_authentication.two_factor_aal3_choice_intro')
     else
-      t('mfa.info')
+      t('mfa.info', app_name: APP_NAME)
     end
   end
 

From 4fcd92903d9460b5d003d55fc1420454dd391af3 Mon Sep 17 00:00:00 2001
From: Jessica Dembe <jessica.dembe@gsa.gov>
Date: Thu, 14 Mar 2024 12:59:20 -0400
Subject: [PATCH 5/7] lintfix

---
 config/locales/mfa/en.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/config/locales/mfa/en.yml b/config/locales/mfa/en.yml
index 4cad43e927b..622acceff0e 100644
--- a/config/locales/mfa/en.yml
+++ b/config/locales/mfa/en.yml
@@ -4,7 +4,8 @@ en:
     account_info: Adding another authentication method prevents you from getting
       locked out of your account if you lose one of your methods.
     add: Add another method
-    info: Add an additional layer of protection to your %{app_name} account by selecting a multi-factor authentication method.
+    info: Add an additional layer of protection to your %{app_name} account by
+      selecting a multi-factor authentication method.
     recommendation: We recommend you select at least two different options in case
       you lose one of your methods.
     second_method_warning:

From b2760cfda2d269deab4875aef42f181b15455fcf Mon Sep 17 00:00:00 2001
From: Jessica Dembe <jessica.dembe@gsa.gov>
Date: Thu, 14 Mar 2024 14:05:14 -0400
Subject: [PATCH 6/7] tweaks to margins

---
 app/views/accounts/_webauthn_roaming.html.erb                 | 4 ++--
 .../users/two_factor_authentication_setup/index.html.erb      | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/views/accounts/_webauthn_roaming.html.erb b/app/views/accounts/_webauthn_roaming.html.erb
index 9cc71ab10a2..7f098d10a04 100644
--- a/app/views/accounts/_webauthn_roaming.html.erb
+++ b/app/views/accounts/_webauthn_roaming.html.erb
@@ -1,9 +1,9 @@
-<h2 class="margin-top-0 margin-bottom-1">
+<h2 class="margin-top-0 margin-bottom-2">
   <%= t('account.index.webauthn') %>
 </h2>
 
 
-<p class="margin-top-2">
+<p>
   <%= t('two_factor_authentication.two_factor_choice_options.webauthn_info') %>
 </p>
 
diff --git a/app/views/users/two_factor_authentication_setup/index.html.erb b/app/views/users/two_factor_authentication_setup/index.html.erb
index 79734d05b7f..94ef99ca4d9 100644
--- a/app/views/users/two_factor_authentication_setup/index.html.erb
+++ b/app/views/users/two_factor_authentication_setup/index.html.erb
@@ -14,7 +14,7 @@
 
 <p class="margin-bottom-0"><%= @presenter.intro %></p>
 
-<p class="margin-top-3"><%= @presenter.recommendation %></p>
+<p class="margin-top-2"><%= @presenter.recommendation %></p>
 
 <% if @presenter.two_factor_enabled? %>
   <h2 class="margin-top-2 margin-bottom-1">

From 1d4833e3897e9fb62baea039e7107e140edc12a1 Mon Sep 17 00:00:00 2001
From: Jessica Dembe <jessica.dembe@gsa.gov>
Date: Thu, 14 Mar 2024 20:17:48 -0400
Subject: [PATCH 7/7] address PR comments: static text and HTML classes

---
 app/presenters/two_factor_options_presenter.rb                | 4 ----
 .../users/two_factor_authentication_setup/index.html.erb      | 4 ++--
 2 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/app/presenters/two_factor_options_presenter.rb b/app/presenters/two_factor_options_presenter.rb
index d6468ef2417..b7e5ae9748d 100644
--- a/app/presenters/two_factor_options_presenter.rb
+++ b/app/presenters/two_factor_options_presenter.rb
@@ -71,10 +71,6 @@ def intro
     end
   end
 
-  def recommendation
-    t('mfa.recommendation')
-  end
-
   def show_cancel_return_to_sp?
     phishing_resistant_only? || piv_cac_required?
   end
diff --git a/app/views/users/two_factor_authentication_setup/index.html.erb b/app/views/users/two_factor_authentication_setup/index.html.erb
index 94ef99ca4d9..da68a012db2 100644
--- a/app/views/users/two_factor_authentication_setup/index.html.erb
+++ b/app/views/users/two_factor_authentication_setup/index.html.erb
@@ -12,9 +12,9 @@
 
 <%= render PageHeadingComponent.new.with_content(@presenter.heading) %>
 
-<p class="margin-bottom-0"><%= @presenter.intro %></p>
+<p><%= @presenter.intro %></p>
 
-<p class="margin-top-2"><%= @presenter.recommendation %></p>
+<p><%= t('mfa.recommendation') %></p>
 
 <% if @presenter.two_factor_enabled? %>
   <h2 class="margin-top-2 margin-bottom-1">