Decorative
BACK TO BLOG

5 Reasons to Separate Username and Password Screens

Larry King

October 4, 2024

Last time you signed in to an account, did the first screen only prompt you for your username? Or did it want your password too?

If you were only asked for a username on that first screen, don’t be surprised. More and more, sites are separating the two, requiring a username first, and then asking for a password on a second screen. And it makes sense.

Who wouldn’t be a little confused when faced with an error message that says β€œeither your username or your password may be wrong.” Which one? Do I click the β€œForgot username” or β€œForgot password” button? Or both?

In fact, it’s hard to think of a situation where separating username and password screens isn’t the right decision. Here’s five reasons why.

Reason #1: It’s a better customer experience

In many cases, a username is all you’ll need from your customer – especially if they’re logging in from a trusted device. If so, and they’ve enrolled in passkeys or multi-factor authentication (MFA), they can skip the password step altogether, opting for Face ID or a one time SMS code.Β 

Reason #2: It’s more secure

It’s rare when the approach that’s more secure also makes for a better customer experience. But that’s the case here.

Splitting the two fields across separate pages makes it harder for bad actors to automate a brute-force attack. Brute-force attacks use programs that enter usernames and passwords over and over until they hit the jackpot. Separate screens means more work for the attacker, and that means they’re more likely to click over to another site and wreak their havoc there. And with newer login methods like passkeys, brute-force attacks are nearly impossible, as there’s no password to crack.

Reason #3: It makes adaptive authentication better

Another security benefit of breaking the sign-in process into multiple steps is that it’s easier to detect and block suspicious behavior – especially if you’re using adaptive authentication. Adaptive authentication is a new-ish best practice that adjusts the authentication process based on contextual factors like user behavior, location, or device. For a deeper dive check out this blog post we wrote about it.

By separating the username and password input screens, your customer identity and access management (CIAM) provider can evaluate a bunch of different signals as the customer enters their username. Then, when the authentication screen pops up, your CIAM system can dynamically adjust the required authentication steps based on how risky the user seems.

Reason #4: It lets you personalize the user experience

Splitting the screens makes it possible to create a bespoke sign-in experience based on the customer’s preferences. For example, some customers might have enabled MFA, others might prefer passwordless options, while some could have a specific risk profile that requires different steps in the sign-in journey. Separating username and password screens makes it possible to send the customer down the appropriate path.

In some cases, you may not have a choice. For example, if you’re using a federated identity provider or the customer is using single sign-on, you’ll need to identify the user's domain or organization before you let them authenticate. Here again, separate screens are a good choice because you can keep the username screen nice and simple. Then, once you know how you’re going to authenticate your user, you can keep that screen simple too by redirecting the customer to the appropriate site or app based on information in their username.

Reason #5: It keeps your login screen uncluttered

It’s easy for your sign-in screen to get cluttered and confusing really fast – even if your customer base is only mildly complex. If you’ve got social login options or a couple of different products, you might have upwards of 8 different things a user can click on if you try to jam everything onto one screen.

Splitting the username and password across two screens keeps each one simple by only offering the relevant options to your customer.

Five reasons why you should separate your username and password screens

If it’s so great why isn’t everyone doing it (yet)?

If separating username and password screens is so great, why do so many sites still serve them up together on the same screen?

Perhaps the biggest perceived drawback of splitting up the username and password screens is that you’re effectively adding a second step (and click) to the sign-in process. Every step you add is another friction point for the customer. Or so the thinking goes.

The counter-argument, of course, is that while there are more clicks, each of them is simpler. And, when it’s done right, you can even engineer the password out of the equation much of the time. As long as the user feels like they are progressing toward their ultimate goal, an extra click (unless it’s something repetitive) isn’t a bad thing. In fact, since we’re asking for an identifier first, the net result is often fewer clicks overall.

From where we sit, separate screens is definitely the right way to go. And if you’re wrestling with the right approach for your site or app, we’d be happy to walk you through the pros and cons for your situation. We can even give you suggestions for A/B testing your customer journeys to see what is right for your audience and when.

‍Connect with us to learn more.