this post was submitted on 01 Jul 2023
90 points (97.9% liked)

Web Development

3441 readers
2 users here now

Welcome to the web development community! This is a place to post, discuss, get help about, etc. anything related to web development

What is web development?

Web development is the process of creating websites or web applications

Rules/Guidelines

Related Communities

Wormhole

Some webdev blogsNot sure what to post in here? Want some web development related things to read?

Heres a couple blogs that have web development related content

CreditsIcon base by Delapouite under CC BY 3.0 with modifications to add a gradient

founded 1 year ago
MODERATORS
 

I see this more and more lately: go to log in to some site, and they only show the username field. Enter username, click Submit, then a password field appears. Enter password, click Submit again, and then we're logged in.

This makes using a password manager super annoying, because I have to trigger the autofill twice.

Is there some security-related reason more sites are doing this? Is it an anti-bot thing? I'm just really curious, because it seems so pointless on its face, but it seems to be spreading.

you are viewing a single comment's thread
view the rest of the comments
[–] skip0110@lemm.ee 3 points 1 year ago (1 children)

If the transition was anything but fake (i.e. they do something with the user name before showing the passwordfield) I feel like that would be a bigger security hole. A leak of some sort of info about the username maybe.

[–] Cqrd@lemmy.dbzer0.com 8 points 1 year ago

They usually just check if it needs to go to an SSO sign in. The only thing that will happen is if the email or org id you entered belongs to an SSO identity then you’ll be taken somewhere else to login. Otherwise, whether the username/email exists or not, it’s the same password flow.