Google splits Sign-in process into two pages - gHacks Tech News

Google splits Sign-in process into two pages

If you have signed in to your Google account on the Gmail website or other Google properties recently you may have noticed that the sign-in process has changed.

Google split the sign-in process so that it is a two-step process now instead of a single one.

The first page asks for your email address but not the password. You need to click on next first to load the page where you can enter your Google account password to complete it.

If you are already known on the computer, the first step is skipped and you are taken to the second step of the authentication process instead. There you find listed the email address of the account and the profile picture of the account or the default one.

Previously, both the username (usually an email address) and password were entered on the same page.

google sign-in first page

google sign-in step 2

You are probably wondering why Google made the change. According to a post on the official Gmail help forum, for the following reasons:

  1. Reduced confusion among people who have multiple Google accounts.
  2. In preparation for future authentication solutions.
  3. To improve the experience for SAML SSO users.

While Google wants you to believe that this is not a step back but a step forward in terms of user experience, responses on the official Gmail help forum have been mostly negative.

User complaints concentrate on several different aspects. First, the sign-in process takes longer to complete as it is now separated on two pages. Even if you use a single account only, you have to go through the same process as multi-account customers.

While the process may require the same number of clicks to sign-in, it breaks the flow for users who used the keyboard (tab-key) to switch between fields to login.

Second, the new process breaks most password managers which cannot fill out form information automatically anymore or sign you in automatically.  At least some password managers will update their programs or offer solutions for the new Google sign-in process.

LastPass, makers of the popular online password manager, have posted instructions already that explain how to configure the program to take the new flow into account. Basically, users need to remove the Google account from the vault first and use the password managers "Save all entered data" feature afterwards to add it again to it.

KeePass users who use the program's Auto-Type feature may use the Delay command, e.g. {Delay 1500} to take the process into account, e.g. {Username}{Enter}{Delay 1500}{Password}{Enter}. The delay pauses the process (in milliseconds) to take the page loading time into account.

The reasons that Google give are debatable at best. One does not apply yet as the future authentication solutions are not available yet that Google refers to. As far as confusion among multi-account owners is concerned, it would be interesting to see statistics about that and the same is true for SAML SSO users.

Even if you take both user groups together and assume all benefit from the change, it is likely that the merged group is not as large as all single-account owners.

Now You: What's your take on the change?

Summary
Google splits Sign-in process into two pages
Article Name
Google splits Sign-in process into two pages
Description
Google changed the account sign-in process on the web for its products by splitting it into two pages instead of a single one as it was before.
Author

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. Nebulus said on May 15, 2015 at 9:13 am
    Reply

    This is a stupid idea, but Google is not the only service implementing it. For instance, this is also how you authenticate for OneDrive, and thus proving that bad ideas spread quickly from one corporation to another.

  2. DJ said on May 15, 2015 at 9:40 am
    Reply

    Of course it’s a step back in terms of user experience. >.< I don't use them, but yes, it's exactly the same what Microsoft did with OneDrive website login. They claim, among other things, it's because the system needs to know in advance whether to load a personal or a business account. (So it may actually be quicker to login via Outlook.com and then go to OneDrive.)

    (And then there are those sites that needs to be asked "Which part of browser setting 'remember passwords' do you not understand". I often read how Firefox changed this in version 38 (and some earlier versions) to make it actually remember all login credentials if users want it so… but there are sites that just won't work. Even those URLbox shortcuts don't cut it anymore.)

  3. Mirce said on May 15, 2015 at 10:32 am
    Reply

    Another change at Gmail. Guess it’s just folks from Google R&D are justifying their existence, as usual. Nowadays, this is the trend everywhere – let’s upgrade a service that is perfectly working for the users, if it is worse afterwards – hey, this is progress, they will adapt. Sick of it.

    1. Manoj said on June 12, 2017 at 5:43 am
      Reply

      This is the problem of having an Indian at the helm in Google. Indian software engineers by nature does not value anybody’s privacy and enjoy irritating everybody.

  4. MikeFromMarkham said on May 15, 2015 at 11:03 am
    Reply

    As if the change to two sign-in pages isn’t annoying enough, the “stay signed-in” box is automatically checked every time the second page appears. If you uncheck it before entering your password, it is automatically re-checked for you. Personally, I never check that box. Google gets to track enough of my movements throughout the day without me being constantly signed-in, so I’ll use whatever small bit of control they cede to me by not doing so.

  5. angelo said on May 15, 2015 at 11:18 am
    Reply

    so i can see the user real name and photo only with username ? :D

    1. Martin Brinkmann said on May 15, 2015 at 11:39 am
      Reply

      No that is not possible. Google displays those information only if you were previously signed in on the computer.

      1. Xenu said on May 18, 2015 at 3:14 am
        Reply

        Are you sure about that? I’ve used an incognito browser and tested my girlfriends username on the new login page — using my laptop, which she never uses — and it displays her real name.

      2. Martin Brinkmann said on May 18, 2015 at 6:30 am
        Reply

        According to Google, yes. It will only display those information if the computer was used before.

  6. factor1 said on May 15, 2015 at 12:32 pm
    Reply

    And third page when you have stet two factor authentication?

    1. Tom Hawack said on May 15, 2015 at 3:01 pm
      Reply

      Excellent question.

  7. Dan82 said on May 15, 2015 at 1:29 pm
    Reply

    Are you sure that Google isn’t just testing this change? I’ve just logged in on my system (IP from Austria, latest Firefox) with the old one-page form.

    1. Martin Brinkmann said on May 15, 2015 at 2:38 pm
      Reply

      It is rolling it out. Can be that the server you were connected to was still not switched to the new one.

  8. MikeFromMarkham said on May 15, 2015 at 2:44 pm
    Reply

    I was presented with both sign-ins at random yesterday until about noon local (Toronto) time … since then, it’s been strictly the 2-page sign-in.

  9. oz said on May 15, 2015 at 2:47 pm
    Reply

    Google finds far too many ways of being annoying to end users, so I stopped using anything Google-related a while back, and always block anything Google-related whenever possible. Just my own opinion, of course, but I don’t see things regarding Google changing anytime soon.

  10. Tom Hawack said on May 15, 2015 at 2:59 pm
    Reply

    Double your pleasure and double your fun with double-log double-log, double-log gum …
    Up to now I haven’t encountered this Embassy-like double entry process, no Google, no OneDrive account. But should the gadget go wild that applications and extensions which automatize the login process be embarrassed, which could lead some users to return to manual login, which could lead to a return to weak passwords. Absurd.

  11. Uhtred said on May 15, 2015 at 3:37 pm
    Reply

    wish they’d warn day before or so on changes like this, wasted time checking to make sure I wasn’t being spoofed into revealing pass.

    two pages is slower than one page
    (I manually enter all data so no password manager difficulties)

  12. Finvana said on May 15, 2015 at 3:39 pm
    Reply

    I’m getting weird results. If I visit https://www.gmail.com from my main browser (Palemoon 25.4.1 x64) I’m greeted with the awful new login system. Same address, same computer but SRWare Iron 41.0.2200.0 portable as browser (empty cache and history) and the old login page is shown.

  13. Mystique said on May 15, 2015 at 4:25 pm
    Reply

    I noticed this 2 days ago or so my first reaction was “okaaaaay, I’ll play along” then it became “This is rubbish, has anyone created a script to bypass this”
    Sadly there is not script yet but I am still hopeful there will be.

  14. Guest said on May 15, 2015 at 7:17 pm
    Reply

    Just another reason to stop using your browser to access gmail and get Thunderbird set up.

  15. Jojo said on May 15, 2015 at 8:59 pm
    Reply

    Yeah, Google is always messing around with Gmail for no real good reasons, at least from a users perspective.

    I have 6 different Gmail accounts for different business and personal reasons. I used to be able to list them on one page. Maybe a year ago, Google made that seemingly impossible by listing one account that they consider primary and then putting the link “Sign in with a different account” at the bottom. When you click that link , it shows the email account from the main page, and two buttons labeled “Add account” and “Remove”. Click “Add account” and you get taken to yet another page where you can type in an alternate email account address (nothing seems to be remembered). Once entered, you get the 2nd password page (as Martin describes). But even though you have “added an account”, GMail doesn’t remember this and the next time you need to go to that account, you have to access that account, you have to jump through all the same hoops over again. Sheeze!

    My theory is that Google is trying to make it difficult to use multiple accounts because they really want you to use only ONE email account, which makes it easier to track what you are doing and aggregate the info for advertising purposes.

    You can see this in their tagline at the bottom of the page where you enter your Gmail account that says “One Google Account for everything Google”.

    And why does Google use this convoluted URL for Gmail logon? What do all the parameters mean and why are they necessary?

    https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/&ss=1&scc=1&ltmpl=default&ltmplcache=2&emr=1&osid=1

  16. Robert said on May 15, 2015 at 10:36 pm
    Reply

    This new method creates confusion, is slower and adds privacy issues.

  17. Dwight Stegall said on May 16, 2015 at 2:42 am
    Reply

    I never use it. Once I did and it quadrupled every bookmark. It’s a good thing I had backup copies. They can keep it. :(

  18. dan said on May 16, 2015 at 8:54 am
    Reply

    Just amazing how large companies such as Google, Microsoft, Intuit, and even Mozilla can continually find ways to break products that are otherwise working just fine.

  19. dan said on May 16, 2015 at 8:56 am
    Reply

    Remember when Google were the *good* guys? I’m growing convinced that being listed on the stock market is the beginning of the end of every once good company.

  20. PETE said on May 16, 2015 at 7:03 pm
    Reply

    A real nuisance, noticed this 2 days ago and agree this is a backward step. Hope someone creates a script to bypass this.

  21. dan said on May 17, 2015 at 5:30 am
    Reply

    I find myself signing in through google voice (which retains the single login page) just to get to email without having to re-train Last Pass.

  22. Kenny said on May 19, 2015 at 1:26 am
    Reply

    It’s pretty damn annoying of Google to force this lame ass process on us and call it something else. How is a two-page system making Gmail more secure? Oh wait it’s not, it’s just annoying the masses. This is why professionals use Outlook/Hotmail. Google is just a search engine and e-mail service to me and they’re actions are continually pushing me further away from ever using their services. Soon Nexus phones will have pins on them to take your blood to verify your identity LOL.

  23. Paddleless said on May 21, 2015 at 3:36 am
    Reply

    I dislike the new two page login, but if I use Opera I still get the old one page login. In addition, I can log into Yahoo Mail via Opera without being pestered to add the Yahoo Chrome Extension. Two nuisances eliminated at once, at least for the moment.

  24. All Things Firefox said on May 22, 2015 at 1:22 am
    Reply

    Thanks for the KeePass tip. It was quite annoying, since I had to manually copy/paste the username and password.

  25. anon said on May 24, 2015 at 11:06 pm
    Reply

    Moutain View is watching you. Not only do they know what you are doing where & when. They have enough information to predict your next move. And on top of that they keep that information for years. I have eradicated Google as much as possible. If I have to use it, its is on a separate browser private mode using VPN going through a private search engine to log in to google. When done cookies cache & history is removed & browser closed.

  26. Schorsch said on June 6, 2015 at 7:04 am
    Reply

    This is a major nuisance. Gmail doesn’t work anymore with Lastpass. How do google managers think you can manage your passwords in 2015 without a password manager??! For me google now officially sucks.

    BTW, if you look for a one page login, try http://tinyurl.com/googlesugs . I am sure google wil lclose that loophole soon.

  27. polocanada said on June 11, 2015 at 3:00 am
    Reply

    It’s annoying. Now not only Google. Also Microsoft follows suit and started to forcing same 2 steps process. It looks like this non-sense is going to stay here. I agree with the article. I do have multiple Google accounts, but the 2 step process doesn’t make it a better experience, so not sure why they mention.

    The only benefit so far I see when using password managers such as LP, is if you have multiple Google accounts, you have to manually type out the email address first, in the 2nd step LP will enter the correct password for that email address.

    Previously if both user name and password are together on the same screen, LP would sometimes overwrite the username and password as I type it in (because the page didn’t finish loading yet).

    However if you are using LastPass following the best practices – it doesn’t work with the old login information. So you have to delete the login info and sage it by choosing “save all fields…”.

    With more than one Google accounts, I need to update the sign in info for multiple accounts.. How about having specific links to Gmail, Drive, Blog etc all saved as separate login info on LastPass..

  28. kentobin said on June 12, 2015 at 2:16 pm
    Reply

    i’m slowly migrating all my gmail to hotmail. i regret i can’t migrate off of youtube as well. google reminds me of corporate security at my old job before i retired.. any idea, good or bad, they just ram down your throat just because they can. we used to joke that if we just turned off the computers they’d be even more secure and just as usable. now i had better setup another backup e-mail account with ??? just in case microsoft follows this idiocy.

    when I went to rant on the google product forum they still had a one page login. after i posted my comment i was automatically added to their notification list. to add insult to injury when i followed their directions to unsubscribe by sending an unsubscribe e-mail to [email protected] i then received “Delivery to the following recipient failed permanently:” the google security nazis can’t even get their own act together.

  29. bill harris said on September 2, 2015 at 12:20 pm
    Reply

    Another brain-fart from the team who gave us 500 junk googleservices we don’t care about and the ubiquitous googleads.

    When will they learn to LEAVE THINGS ALONE? They’re under no pressure to compete: Gmail once had massive users.

    But, like MySpace and Facebook before them, they keep fixing what wasn’t broke until it becomes a ghost town. Chalk me up for the dreaded Hotmail route. Feels like 1996 …

  30. charles said on September 27, 2015 at 7:32 pm
    Reply

    Thanks for that note about the {Delay 1500} entry for Keepass, that was the piece I was looking for.
    I also love (not) that the default for both the password field and the two-factor authentication field are ‘remember me’ because, way more secure that way. Fortunately an extra {tab} and a {space} before the {enter} removes that from the password entry and I only have to remember to uncheck it on the authentication screen. /sigh

  31. flabdablet said on February 15, 2016 at 1:25 pm
    Reply

    My KeePass entry for this service has

    Auto-Type:^a{USERNAME}{ENTER}{DELAY 1000}^a{PASSWORD}{ENTER}

    The ^a pieces type a Control-A, which does a Select All on the contents of the current text field before auto-typing the username or password. This means that the auto-type still works even on browsers I’ve carelessly allowed to remember my Google credentials.

    What *really* drives me nuts about this is that as of February 2016 I’m still seeing the old one-page login on *some* of my browsers, and of course the adjusted KeePass entry doesn’t work with that. If they’re determined to screw up their login page, I wish they’d at least be consistent about it.

  32. flabdablet said on February 15, 2016 at 1:41 pm
    Reply

    Oh FFS. I just dug into this a little more, and it looks like they’re bodging based on the user agent. Include the string “Iceweasel/” anywhere in your UA and you get the old one-page login.

    There is a Debian user somewhere inside Google who *also* thinks this change is stupid.

  33. Frank said on February 23, 2016 at 3:36 pm
    Reply

    The UA change trick doesn’t work anymore :( Is there any solution to get the old one-page login??? I really need it!

  34. Google Arrogance said on May 15, 2016 at 5:42 am
    Reply

    The arrogant google employee thinking goes something like this “we’re a virtual monopoly, so we can annoy end users as absolutely as much as we feel like” – “and we’re going to spend our time tinkering around with every product’s UI just for the heck of it, to incessantly break end-user familiarity, instead of fixing THE BASICS FIRST like sending a deleted gmail DRAFT message TO TRASH instead of outer space.” – “oh, and FEWER UI options every year”.

  35. T said on May 19, 2016 at 3:52 am
    Reply

    Thanks, the {Username}{Enter}{Delay 1500}{Password}{Enter} sequence also works for autotype yahoo login on KeePass.

  36. pensumkel said on December 17, 2016 at 5:55 pm
    Reply

    don’t like it.

  37. Robotwarrior said on December 25, 2016 at 9:50 am
    Reply

    Hate it. Hate it like most of the changes tech geeks have been making to software. It is slower, harder to use and options are buried in unintuitive headings and menus that are almost impossible to remember where all the time and then once you do they change it again. But that’s another rant. I prefer speed and ease. Knock it off google. We are trying to simplify our lives.

Leave a Reply