Hacker News new | ask | show | jobs
by egeozcan 1879 days ago
Honestly asking, what's wrong with "Password (Leave empty if you're using {Name of SSO}): ____"?

If you are going to tell that may confuse users, I think not having a password field is already confusing the other half, while also not being password-manager-friendly.
2 comments
fckthisguy 1879 days ago
I don't think making the user read instructions is the solution. Most (myself included) will begin typing before they finish reading.

The current trend to only show the password box after the username is provided doesn't have to be bad for password managers. I use loads of sites that do this (so they can support SSO) and they just use hidden form fields so the password managers know what to do.

I'd be curious to hear any suggestions you have for password managers to improve here though. I can't think of anything short of a .well-defined login route.

link
beforeolives 1879 days ago
The Oreilly learning platform does this. Email and password field on the same page and a message under the email field

> Using Single Sign-on (SSO)? Simply enter your company email address and click sign in.

Seems simple enough to me as a user, not sure how most people interact with it though or how many companies A/B test these things.

link
benhurmarcel 1879 days ago
My company uses an SSO provider with Google Workspace. Most employees have no idea about any of that, they wouldn't know and probably would type their company password there.
link
beforeolives 1879 days ago
The password field disappears if you enter an SSO-compatible email address.
link
johannes1234321 1879 days ago
Then you have to either leak a list of each customer to the client to verify there or send each key stroke and consider latency ...
link
emilsedgh 1876 days ago
That requires you to teach your users what SSO is. I don't think it's a great UX.
link
criddell 1879 days ago
Seems like password managers should be able to handle the password being entered on the next page when there's no input on the current page.
link
nerdponx 1878 days ago
KeepassXC (and its browser extension KeepassXC-Browser) does this. Not sure why anyone would even consider a different password manager.

(Just don't forget to donate, if you have the means.)

link
kevincox 1878 days ago
Firefox also handles every one of these perfectly. I assume there is a hidden password field already but whatever it is it doesn't cause me issues other than an extra click.
link
jasdine817 1878 days ago
Because different people have different requirements.
link