Web Development

3430 readers

1 users here now

Welcome to the web development community! This is a place to post, discuss, get help about, etc. anything related to web development

What is web development?

Web development is the process of creating websites or web applications

Rules/Guidelines

Follow the programming.dev site rules
Keep content related to web development
If what you're posting relates to one of the related communities, crosspost it into there to help them grow
If youre posting an article older than two years put the year it was made in brackets after the title

Related Communities

Wormhole

[email protected]

Some webdev blogs

Not sure what to post in here? Want some web development related things to read?

Heres a couple blogs that have web development related content

https://frontendfoc.us/ - [RSS]
https://wesbos.com/blog
https://davidwalsh.name/ - [RSS]
https://www.nngroup.com/articles/
https://sia.codes/posts/ - [RSS]
https://www.smashingmagazine.com/ - [RSS]
https://www.bennadel.com/ - [RSS]
https://web.dev/ - [RSS]

Credits

Icon base by Delapouite under CC BY 3.0 with modifications to add a gradient

founded 1 year ago

MODERATORS

[email protected]

Why do some login flows hide the password field until after you submit your username? (programming.dev)

submitted 1 year ago by [email protected] to c/[email protected]

21 comments fedilink hide all child comments

I see this more and more lately: go to log in to some site, and they only show the username field. Enter username, click Submit, then a password field appears. Enter password, click Submit again, and then we're logged in.

This makes using a password manager super annoying, because I have to trigger the autofill twice.

Is there some security-related reason more sites are doing this? Is it an anti-bot thing? I'm just really curious, because it seems so pointless on its face, but it seems to be spreading.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 22 points 1 year ago (1 children)

On applications I've worked on, pretty much every time we've integrated SSO using oauth we've modified the entire login form to look the same. That means enter email, and we either send you to your provider login page or we show a password prompt after. Not a good reason in my opinion, but one that shows a similar UI regardless of login type.

[–] [email protected] 1 points 1 year ago

Ah yeah, this makes sense.

I have seen other services include an explicit SSO link under the user/pass form, which IMO is clearer what's actually going on, but I'm sure that structure hopelessly confuses lots of less technical users, too.