LoginOnboarding
- Problem
- Asking for username and password on the same screen forces one rigid flow for every user, even though the right next step (password, passkey, SSO, magic link) depends entirely on who they are.
- Recommendation
- Ask for the identifier (email or phone) first, then branch to the correct authentication method for that account on the next screen.
- UX impact
- Removes irrelevant fields, shortens the perceived flow, and lets returning users see personalized options like 'Continue with passkey' immediately.
- Security impact
- Enables risk-based checks (device recognition, rate limiting) before a credential is even entered, and avoids leaking password-field behavior to bots probing for valid accounts.