It’s becoming more and more common: instead of a login form where you fill your e-mail or username and your password, you first have to fill your username and submit the form a first time for the password field to appear on the second page (which is often loaded via Ajax, but the fact that the URL doesn’t change doesn’t make the problem disappear).
There is no need to discuss the fact that it’s annoying, but it seems that companies choose to do so because they believe it’s more secure. Is it really? And if so, why?
(Cover image by Del.)