And no, I will not tell you what my company app is.

  • dgmib@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    10 months ago

    It’s called home realm discovery. It’s common in business apps though it’s usually used with email & password logins not username & password logins.

    It’s done that way to support federated logins. Larger companies will often used a single sign on solution like Okta or Azure AD. Once the user’s email address is entered it checks the domain against a list of sign on providers for each domain and redirects the user to their company’s federated login if it finds it there instead of prompting for a password.

    This has several benefits:

    1. The user doesn’t have mutiple passwords to remember for different apps. Which is know to result in users either reusing passwords or writing down passwords somewhere.

    2. When an employee quits or is terminated the company only needs to disable their account in their company directory and not go into potential dozens of separate web apps to disable accounts.

    3. The software vendor never receives the password, if the vendor’s system is compromised they don’t even have password hashes to leak. (Let alone plain text or reversibly encrypted passwords)

    Websites that work that way are (usually) doing it right. If that doesn’t work with your password manager, you should (probably) blame the password manager not the website.

    • DAMunzy@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      1
      ·
      10 months ago

      I doubt the password manager is blame that there is now two steps to logging in compared to the previous one. The password manager still works, just requires using it twice. An annoyance because it used to be a little bit easier.

      Thanks for all the info on home realm discovery. I love to learn new things!

      • dgmib@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        10 months ago

        If a website using home realm discovery adds anything more than one extra press of the enter key or mouse click of an ‘ok’ button, get a better password manager.

        If you’re annoyed by that one extra click that’s fair. Click counts matter.