top | item 23505073

Ask HN: Why have login forms been split into two steps?

5 points| littleweep | 5 years ago | reply

It seems to me that it would make the most sense to have the login and password field exposed on the same step. Many sites will separate email address from password -- why is this done? What is the benefit? It breaks autofill from a browser password manager extension (like 1Password) which seems like an antipattern.

4 comments

[+] ruyi|5 years ago|reply

This allows customized flows based on username/email. From what I've seen, there are mostly two use cases 1. different flows based on organization e.g. Microsoft Office 365 2. different flows based on guest vs user so the website can capture the emails if it's not a registered user e.g. tumblr

[+] littleweep|5 years ago|reply

Makes sense thanks

[+] flukus|5 years ago|reply

> It breaks autofill from a browser password manager extension

That is the benefit, just not for the user. The companies that started this trend were generally single sign-on providers that want you to sign in to everything with their account so you can be tracked everywhere on the web, services like 1Password make this unnecessary. The rest I think are just cargo-culting the big players.

[+] dylz|5 years ago|reply

- Sites that do single sign on: your email domain is 'corp.example.com'? -> redirect to your org's sign in page.

- Mandatory 2FA/etc