I need to load a second page to enter my password in some sites. Why is this? I even have a site I use that has the username, password and 2FA entries on separate pages that each need to be loaded one after the other.

My uneducated guess is that it makes it harder for bots, but I can’t imagine it being that much of an impedance 🤷‍

Cheers!

  • faltryka@lemmy.world
    103·
    2 days ago

    This is called an identity first workflow and is used specifically so that they can route different people to different login ceremonies or providers.

    They get your id first, and use that id to determine what your login ceremony is. Perhaps you’re with a business that they have an sso integration with and will send you on to your businesses sso provider, or perhaps you’re a local user for them and get a password screen next.

  • misterbngo@awful.systems
    22·
    2 days ago

    This is generally done when you have customers with SSO, the first one will take the email and if the domain is ssod it forces them through a particular workflow. Otherwise you get the other normal username/password flow

  • just_another_person@lemmy.world
    113·
    2 days ago

    Sometimes it’s just UI/UX, sometimes it’s to deter specific patterns they’ve seen from bots, users, or brute-force. It’s really just subjective. One isn’t necessarily better than the others though it does mess with automated input of credentials a lot of times.

  • paraphrand@lemmy.worldEnglish
    3·
    2 days ago

    I always assumed some sites harvest what ever you enter in the first box. Especially if it’s an email address. But other people in this thread have the legitimate answer.

    • gen/Eric Computers@lemmy.zip
      1·
      4 hours ago

      This login flow has nothing whatsoever to do with enshitification. Websites have used it before that term was coined. As others have said, it’s basically because they use your username to check what login page to send you to.