Ondřej SurýDec 9
Repeat after me: Separating username and password fields on separate (fucking responsive) page WILL NOT INCREASE A FUCKING SECURITY IN ANY WAY! IT WILL JUST MAKE THE PASSWORD MANAGERS TO WORK WORSE AND THUS IT WILL FUCKING DECREASE THE SECURITY!!!
Show threadmikiDec 9
@ondrej The point here isn't security, the point is that some users aren't using a password at all. If such a username is detected, instead of being redirected to the password page, you're taken straight to Okta / whatever your chosen SSO system is.
Show threadMin Dec 10
@miki @ondrej You can have a "Use SSO" button on your login form without hiding the password field
Show threadmikiDec 10

@minneyar @ondrej That's arguably a worse UX for nontechnical users.

Zoom is like that, and I've had to explain how to use Zoom SSO to people before.

Show threadMin Dec 10
@miki @ondrej Sure, but nothing's perfect and I'd rather have the option that requires explanation for a small number of users over the one that is less convenient and breaks functionality for a majority of users.
Show threadmiki
@minneyar @ondrej The number of SSO users is not small. For some tools, it's definitely a majority.
Dec 10 at 11:56pmWeb