@foone also, two-step logins where you enter your username or email, click next, then get prompted for a password, because they've accumulated a bunch of different auth providers and also have different "estates" for individual orgs with conflicting requirements and can't figure out how to glue all of those together in a coherent fashion.