LoginOS
← Patterns

Pattern 06

Centralized login methods

Give every account a single 'Login methods' screen listing every active method (password, passkeys, itsme, MFA devices) with add/remove controls in one place.

Account settings Trust

Problem

Users often can't tell what they signed up with — a password, itsme, Google — and end up creating duplicate accounts or getting stuck at login.

Recommendation

Give every account a single 'Login methods' screen listing every active method (password, passkeys, itsme, MFA devices) with add/remove controls in one place.

UX impact

Removes the guesswork of 'how did I sign up' and gives users a sense of control over their own account security.

Security impact

Makes it obvious when an unfamiliar method has been added, which helps users notice account takeover attempts early.

Implementation notes

Require step-up authentication before removing a method, and always keep at least one recovery-safe method active at all times.