Merge pull request #590 from freedomofpress/new-redmine-css

Update support page to reflect Redmine and 2FA changes

docs/getting_support.rst

@@ -87,47 +87,42 @@ After your account is activated, you can login and continue to the next step.
 Enabling two-factor authentication
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-Two-factor authentication (2FA) protects your account in the event that your
-passphrase is compromised. Once enabled, you will be prompted to provide a
-one-time six digit code every time you log into the support portal, in addition
-to your passphrase.
+Two-factor authentication (2FA) adds an extra layer of security to your account by requiring a one-time
+six-digit code each time you log into the support portal, in addition to your passphrase.
 
-To enable 2FA:
+2FA is required to use the support portal. After creating or logging into your account, you will be
+prompted to enable 2FA. To do so:
 
 1. Choose an application to generate two-factor codes. We recommend the
    `FreeOTP app <https://freeotp.github.io/>`__ for Android or iOS, but any
    app that implements the Time-based One Time Password (TOTP) algorithm
    should work.
-2. If you are not already logged in, log into the support portal.
-3. Click **My account** in the top right corner to navigate to your
-   account settings. On the settings page, click **Enable authenticator app**.
 
-   |2FA setting|
-
-4. You will see a page that shows a QR code, similar to the one below.
+2. You will see a page that shows a QR code, similar to the one below.
    Use your 2FA app's QR code scanning function to scan the code on the page,
    or manually enter the 2FA secret (called a "plain text key" here) in the 
    app.
 
    |2FA example|
 
-5. Select the account you have just added to your 2FA app, and generate a new
+3. Select the account you have just added to your 2FA app, and generate a new
    one-time token using the app. Enter it on the webpage and click 
    **Activate**.
-6. You should see a success message like the one below. Follow the 
+4. You should see a success message like the one below. Follow the 
    recommendation and click **generate backup codes**.
 
    |2FA success|
 
-7. You will see a list of codes like the one below. Each code 
+5. You will be prompted to enter another two-factor code. Once you have
+   done so, you will see a list of codes like the one below. Each code 
    (e.g., ``ec96 a5d7 c678``) can be used once *instead of* a 2FA code
    during the login sequence. Store these codes securely and separately
    from your passphrase. The recommended method is to keep a printout of
    the recovery codes in a secure location.
 
    |2FA backup codes|
 
-8. Log out of your account and attempt to log in again. After entering your
+6. Log out of your account and attempt to log in again. After entering your
    passphrase, you will additionally be prompted for a two-factor code, which
    you can generate using your 2FA app.
 
@@ -139,7 +134,6 @@ Please do not hesitate to open a ticket or email us at
 [email protected] (`GPG-encrypted <https://securedrop.org/sites/default/files/fpf-email.asc>`__)
 if you encounter difficulties using 2FA on the support portal.
 
-.. |2FA setting| image:: images/support/account_settings_with_2fa_highlighted.png
 .. |2FA example| image:: images/support/qr_code_example.png
 .. |2FA success| image:: images/support/2fa_success.png
 .. |2FA backup codes| image:: images/support/2fa_backup_codes.png
@@ -318,24 +312,24 @@ click on the "PGP" menu option in the upper right corner of the support window.
 
 |PGPMenu|
 
-In the PGP management window you will see two columns: one for your
-public key on the left, and one with the server's public key on the
-right.
+In the PGP management window you will see two sections: one for your
+public key on the top, and one with the server's public key on the
+bottom.
 
 |PGPUpload|
 
 To provide your public key, start by exporting an ASCII-armored copy of
 your public key. Paste your armored public key into the empty text box
-on the left and hit **Save**.
+at the top and hit **Save**.
 
 |PGPSave|
 
 Importing the server's public key
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 Now, import the public key for our Redmine server into your local GPG
-keyring. It is available on the right hand side of the page in the
-column with the heading "Redmine Server ([email protected])", in the
+keyring. It is available on the bottom of the page in the
+section with the heading "Redmine Server ([email protected])", in the
 text box labeled "Public PGP key".
 
 Select the entire public key and copy it to your clipboard. Import the