Not that strange. Different users may belong to different groups which may have different authentication backends. The associated authentication method is brought up once a username has been provided.
Do the whole process all over again because the remember this device is on step 2 and it’s impossible to go back
Bonus stage 0: special login URL decided to crap out, and going back to any point in history automatically redirects to the error page that you can’t use to log in, so you need to keep going back and trying to copy the URL before it redirects becausw Firefox interprets pressing “stop” as “do whatever you want idk”
And the auto-submitting TOTP entry form where you’re apparently not allowed to make a typo. And obscuring the TOTP number like it’s a password or state secret.
That ones because users like choice. They need to look up who you are to know how you’ve chosen to authenticate. At least, that’s how it started. Some could be doing it because the big kids are, but that’s why the big kids do.
And they support choice because businesses want to use their login infrastructure and refuse to share. So you enter “user@businessOrUniversity.com.edu” and it forwards you to your institutional login.
Also This strange trend to split username and password on to two separate pages, or only showing the password field after confirming the username
Not that strange. Different users may belong to different groups which may have different authentication backends. The associated authentication method is brought up once a username has been provided.
You can do that as part of an OAuth workflow. You don’t need to have them on separate pages for that to happen.
Yes, but, it also lets them slurp up email addresses. Routing users is legit tho.
Bonus stage 0: special login URL decided to crap out, and going back to any point in history automatically redirects to the error page that you can’t use to log in, so you need to keep going back and trying to copy the URL before it redirects becausw Firefox interprets pressing “stop” as “do whatever you want idk”
Fucking aws…
I generally get bored and forget what I’m doing so the page refreshes.
And the auto-submitting TOTP entry form where you’re apparently not allowed to make a typo. And obscuring the TOTP number like it’s a password or state secret.
That ones because users like choice. They need to look up who you are to know how you’ve chosen to authenticate. At least, that’s how it started. Some could be doing it because the big kids are, but that’s why the big kids do.
And they support choice because businesses want to use their login infrastructure and refuse to share. So you enter “user@businessOrUniversity.com.edu” and it forwards you to your institutional login.
That’s there to support routing to an identity provider for SAML2 SSO.
Came here to say that! For the love of God, stop with this nonsense!