The worst offender here is Microsoft, if you have a personal and a business account under the same email address (that alone is a major UX fuckup). But they add insult to injury by showing you a typical email+password form, and when you press [Tab] after the email address and start typing your password, the form is replaced under your eyes with a dialog to choose which account you want to log in, only then followed by a password prompt.
Please don’t do this, or at least try offer normal login alongside it. This is really bad ux. Instead of being able to have my password manager sign me in without me having to do much, I suddenly have to open my email (which I might have closed because I want to focus), go to the email - god forbid I have to wait 10s for it to arrive - and then it opens a new tab for me…
I despise Google's login screens. Two separate forms, one for just an email address another for just a password. Why? Why should I have to invoke my password manager twice just to fill in two fields? I can't think of a single sane reason for doing this.
One of my healthcare providers uses this and I abhor it. With their website I can see appointments, billing, etc., but instead of simply going to the website and logging in with 1Password, I have to go to the website, enter my email and click log in, switch to my email and wait for the email, open the email and click the link which takes me back to my browser.
Employee of a university here. Not only are the password requirements annoying, unless you close the browser you aren't logged out. Clicking "logout" makes it look logged out, but the next person to use email/payroll enters their credentials and gets the prior users account. Hilarity ensues with people applying for each other's leave, emailing responses to messages that weren't for them etc. The interim response is for people to set a theme in their email to make it more dictinctly different. I kid you not.
My biggest pet-peeve is when they just ask for your email address, then on the next page inform you they've emailed you a one-time login code, and then you need to hunt for the link in small text along the lines of "Log in with a password instead".
I went to vote for this, just for the fun of it, but got asked to login. Then it asked me to setup my username, and then complained that my 3 usual variants were already taken. I guess I have another account that's already sitting on that username. But who knows? Microsoft's multi-user login support is a disaster.
One of my accounts is corporate, and my browsers -- ALL of them on ALL OS's -- are constantly confused. Sometimes when I need to switch, it looks like my browser flips through about 4 or 5 pages, and then makes me manually refresh to get a prompt. How can this be so bad, at this point? Google had multi-user support sorted years ago, including business account logins. I guess it's a problem due to a difference between AD-backed corporate accounts and (I assume) non-AD accounts?
They’re yet another way for logging in to suck for people who use a password manager.
Another example of this is consumer apps that insist that you should login with your phone number and make you click an extra button to change to the email login option.
When you have multiple accounts it's even worse - especially if you've got a work account with domain authentication, a private one with 2-factor, a sub-account email under another...
I'm usually pretty savvy about typing information into a rando web form, but with windows logins it's a major chore to figure out what exactly I'm looking at.
I hope they staff up to meet the 18-month rewrite cycle for modern JS apps. I'll stick with my 2003 version on the desktop for now.
Not that I disagree, but we have possibly the world's most boring login system with nothing but email/password and even then people manage to create multiple accounts. And then john.smith@example.com will email us, asking why the facilities they set up last month aren't working any more, completely failing to mention that they set them up using their john.smith.666@example.com account.
That's positively the worst UX for logging in I've seen. Having to connect switch between apps and waiting for/fishing out the login email over 3-5 folders is so painful. And oh yeah - doesn't work in Incognito/non-default browser because the email app always opens the default browser in full cognito mode!
What I hate the most is forced 2fa. Even if you disable 2fa, "ooops you logged in from a slightly different IP address. go check your email, sucker ;)"
Not a UX'er. But speaking of UX - it is inherently very annoying to sign in with username/password in general. At least in 2022. 2014 was perhaps different.
Tangent: Windows single sign-on is kind of broken. So if I hit a site that supports it, it will automatically try to log me in via my machine without asking causing my 2FA to fire and won't show me a login screen until that 2FA check succeeds/fails. If I want to sign in via any other Microsoft Account, I first need to 2FA my machine's Microsoft Account just to get the ability to login via a completely different account.
Turning it on/off isn't a solution, because then you'll lose the ability to use Windows sign-on when you do want it. The login flow itself is just poorly designed.
Although my bigger pet peeve by far right now is that every time I login to Microsoft Teams, it gives me a prompt ("Allow my organization to manage my device") that would essentially allow my employer to take over control of my personal machine (default: On, also a dark-pattern "Yes" box).
Shit, and I hate how all of these 'auto-login' prompts appear in Chrome, and if you accidentally click it, then boom, now your name is all over the place. Think this is how I ended up in GlassDoor to begin with.
This would drive me up the wall. I don't want to have to sit in my mail client, waiting for it to pull down the message that may-or-may-not have arrived at my mail host yet, when it's incredibly easy to use a password manager for everything without having to leave my browser. He bemoans the number of controls you need to interact with to log in, but to get to log in with his method, I need to put in my email address (or take the time to find it in the list), interact with whatever control submits the form, switch to my email client (at least 1 control, probably more), refresh it to get the most recent messages (perhaps more than once), open the message, click the link, go back and close the window I used to start the login process in the first place, then switch back to the window with the app in it. Seems far more complex.
I don't buy his premise, either; he claims you need to interact with "6 different controls" to log in to Facebook, but (a) you only interact with 4 of them and (b) that's only the first time you log in from that computer. He's trying to solve a problem I have never experienced. I'm curious to see if others have felt overwhelmed by the number of controls on login forms; this is a problem I've never had.
reply