LoginOS
← Patterns

Pattern 01

Identifier-first login

Ask for the identifier (email or phone) first, then branch to the correct authentication method for that account on the next screen.

Login Onboarding

Problem

Asking for username and password on the same screen forces one rigid flow for every user, even though the right next step (password, passkey, SSO, magic link) depends entirely on who they are.

Recommendation

Ask for the identifier (email or phone) first, then branch to the correct authentication method for that account on the next screen.

UX impact

Removes irrelevant fields, shortens the perceived flow, and lets returning users see personalized options like 'Continue with passkey' immediately.

Security impact

Enables risk-based checks (device recognition, rate limiting) before a credential is even entered, and avoids leaking password-field behavior to bots probing for valid accounts.

Implementation notes

Debounce identifier lookups server-side, return generic responses for unknown accounts to avoid enumeration, and cache the last-used method per device for returning users.