HackGT / ground-truth

🛰 Single sign on for HackGT apps
https://login.hack.gt
MIT License

Ignore/disable input on the hidden password field #17

Closed evan10s closed 5 years ago

evan10s commented 5 years ago

Even when a user is on the first screen asking for an email address, it's possible for a browser (or curious user) to still fill the hidden password field. This most often results in the user getting what appears to be an erroneous "Incorrect username or password" error. The password field's content should be ignored on submit if it was not visible when the user was filling out the form (a server-side solution would be better though).
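
An added example, not part of the original issue and not ground-truth's own code: one way to do the server-side fix suggested above is to have the server track which login step the session is on and never read the password field during the email step. All names here (`handleLoginSubmit`, `session.loginStep`, `session.pendingEmail`, `demoVerify`) are hypothetical, and the credential check is a constructed stand-in.

```javascript
// Added example: hypothetical names throughout; not ground-truth's actual code.
const STEP_EMAIL = "email";
const STEP_PASSWORD = "password";

// Constructed stand-in for the application's real credential check
// (which would compare against a stored password hash).
function demoVerify(email, password) {
  return email === "alice@example.com" && password === "correct horse";
}

// session: per-user server-side session object; body: parsed form fields.
function handleLoginSubmit(session, body, verify = demoVerify) {
  const step = session.loginStep || STEP_EMAIL;

  if (step === STEP_EMAIL) {
    // The password input was hidden at this step, so anything in body.password
    // came from autofill or a curious user. It is never read here.
    const email = String(body.email || "").trim().toLowerCase();
    if (!email) {
      return { status: 400, next: STEP_EMAIL, error: "Email address required" };
    }
    session.pendingEmail = email;
    session.loginStep = STEP_PASSWORD;
    return { status: 200, next: STEP_PASSWORD };
  }

  // Password step: use the email the server recorded, not a resubmitted one.
  const email = session.pendingEmail;
  if (typeof body.password !== "string" || !verify(email, body.password)) {
    return { status: 401, next: STEP_PASSWORD, error: "Incorrect username or password" };
  }
  session.user = email;
  delete session.loginStep;
  delete session.pendingEmail;
  return { status: 200, next: "done" };
}
```

On the client, marking the hidden input `disabled` keeps the browser from including it in the form submission, but the server-side step check is what guarantees the stray value is ignored.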