Tech Forum

The church seems to have changed their sign-in screens. The new system doesn't seem to play well with old cookies.

I ended up deleting all "lds.org" and "churchofjesuschrist.org" cookies. But just "tech.churchofjesuschrist.org" would be a good start if you don't want to go that far. - Edit: doesn't work. You have to delete all churchofjesuschrist.org as it's the login itself that's broken - even for the main page.

In Chrome, Three dots in upper right corner > Settings > Site Settings (found in the section "Privacy and security") > Cookies and site settings > See all cookies and site data

In the search line near upper right, enter the site (such as churchofjesuschrist.org), and delete the cookies.

Close the tab and come back in.

Edited to add a missing step, and correct speculation.

I've gotten the "old" sign-in most of the time this week, but the "new" sign-in three or four times. I get a "Forbidden" message from the new sign-in, but then if I try again to go to LCR, it turns out I'm logged in anyway. Don't know yet if clearing cookies will eliminate this, but the average user isn't going to know how to do this and will just go away at the "Forbidden" message, so it would be wise to clear this up on the Church's end.

I normally use LastPass to quickly and automatically sign in with a secure, frequently-changed password. On the old sign-in page, with username and password on one page, this was easy: pull up bookmark, wait a few seconds, logged in. Now, the username and password are two separate steps, and they don't play nicely with LastPass's autofill. Plus the transition to the site once logged in is slow. This may only be a matter of 30 extra seconds per login, but Church leaders have to log in SO frequently now for all kinds of things that this will really add up. I hope they will consider retaining the more streamlined approach. I tried to leave feedback at churchofjesuschrist.org, but apparently the feedback system isn't working.

visick wrote:Now, the username and password are two separate steps, and they don't play nicely with LastPass's autofill.

In addition to the two page login it seems they've also done something so that Keepass (the password manager I use) can't even fill in the password field. I hope this wasn't done on purpose to prevent using stored passwords. Discouraging the use of password managers will actually decrease security. I will try to leave feedback too when it works.

Agreed. It was hard enough to get members to login. Now it's a little bit harder to do. Chrome does fill in the password, but only after I click in the field.

In addition to the two page login it seems they've also done something so that Keepass (the password manager I use) can't even fill in the password field. I hope this wasn't done on purpose to prevent using stored passwords. Discouraging the use of password managers will actually decrease security. I will try to leave feedback too when it works.

changing the default sequence for the church entry to allowed keepass (i'm using 2.x) to work for me

eblood66 wrote:I hope this wasn't done on purpose to prevent using stored passwords.

That would be silly considering there's a "remember me" box on the webpage.

There's a few other sites that have gone to a two-page login. Gmail, for one.

Multi-page login supports a wider range of authentication options – for example, passwordless sign-in. The sign-in page may not know which fields it should provide for authentication until after it sends the username for validation. That said, I think there are things that could be done (and have been done in other authentication systems) to improve the experience.