[yeuxardents]

This is one of my biggest fears about companies constantly outsourcing easily deployed internal apps as SaaS and just using mycompany.saasprovider.com

Normal users stand no chance, especially when there are URLs that are sketchy because oops, saasprovider already has a customer with your requested url, so you end up with

mycompany0.saasprovider.com or mycompany-1.saasprovider.com

Its terrible practice all around and lazy systems and services administration

[Thorrez]

Even without SaaS I get weird URLs on login pages. The login page for my personal Chase account is

    https://secure07a.chase.com/web/auth/#/logon/logon/chaseOnline?treatment=chase&lang=en

At least the etld+1 makes sense, but most people aren't going to recognize that generally the etld+1 is what you need to verify and you can ignore the rest.