Why does Evernote not show both the email and password for login at the same time?

[RickSaada 1]

Forcing a two step process for what should be one screen is really annoying, especially to people who use a password manager like Last Pass.  LastPass can't fill in the password because the edit control is there, just the email address, so I have to fill it twice every time I log on.  Is there some reason why it can't be like every other login screen on the web? 

[gazumped 9,814]

On 6/25/2021 at 5:42 PM, RickSaada said:

Is there some reason why it can't be like every other login screen on the web? 

Guessing that it's a security thing - several websites I use have the same approach.  If I were a robot accessing a site with a cache of thousands of passwords,  having to add a user name,  then hit a key,  before inserting the password makes the process twice as long.  That's a small (if annoying) step for a user,  but a giant leap for a bot with thousands of tries to make. (Hmmn.  Must write that down somewhere...🙂)

Don't know if it will work for you,  but I just hit a random key for the user name,  then when the window opens up I'll trigger my password manager which corrects the user name and adds the password in one go.

[PinkElephant 5,538]

There is brute forcing to crack accounts. This means trying a lot of passwords to hack into an account .

By hiding the password field, with every password try the bot that tries it needs to wait for the website to react. This slows the approach to a crawl.

There is a variety called Spraying. Here it is not a single account under attack - a lot of accounts are tried in parallel. The reaction time thing works on this as well - stopping such an attack cold because there are simply too many open connections to be handled.

Good for us users, but it is still advisable to activate 2FA. Even when password guessing scored a hit, they need to guess the right code within 30 seconds. Try, try again …