I am not asking about the two factor authentication process where the user needs to enter both a password and a one-time-password.
Gmail recently (I don't know from when exactly) changed their login process which is depicted in the following screenshot:
So, the new steps are as follows:
- Enter email
- Click Next
- Enter password
- Click Sign In
as opposed to the previous and usual way of logging in:
- Enter email and password
- Click Sign In
Isn't the new process non-user friendly requiring extra user interactions?
Since, Google does not usually make UX blunders can you explain the reasoning behind the new process? I'm looking for details like user interaction simplicity or any other hidden advantages.
Note: The question linked as duplicate doesn't cover the reason behind the change while Mervin Johnsingh's answer cites Google's reason.
Answer
As per the official Google announcement, the reasoning behind this change is to try out methods which would complement new password authentication methods. To quote the post
Today, you sign in to Google on a page that includes both the ‘email’ and ‘password’ fields on the same page. We’ll be gradually splitting those two fields into separate pages in the coming days; the sign-in process won’t change otherwise.
As we’ve said many times, we're working towards introducing new authentication solutions that complement traditional passwords. We’ve already separated the ‘username’ and ‘password’ fields onto separate pages on a successful launch in Android last year. This change to our web sign-in page is another step in that direction.
To help make sign-in easier and more personal, you may see a screen with your profile picture and full name when signing in to Google. We’ll only show this information if you are signing in from a location or device you’ve signed in from before, like your home computer.
This new Google account sign-in flow will provide the following advantages:
- Preparation for future authentication solutions that complement passwords
- Reduced confusion among people who have multiple Google accounts
- A better experience for SAML SSO users, such as university students or corporate users that sign in with a different identity
provider than Google
Now to add on to why Google might have gone with this approach other than the password augmentation mentioned in the quoted post above here are my thoughts'
- Consistency with the sign in interface which is currently being used while setting up android thus ensuring there are common interaction patterns as shown below
Establishing a singular point of focus : The single form fields enable the user to focus on a single interaction point on the screen i.e. first the login and second the password without getting distracted.
It also allows them to potentially enable more personalized customization options for security such as phrases or images providing more security options as shown below (Banks use this method ). This would reduce the scope of phishing as the screen generated would be specific to the user and would vary from user to user.
No comments:
Post a Comment