OAuth/GitHub login flow for Circle CI Discuss

The login flow is terrible.

Issue 1:

After clicking the “with GitHub” button on the Create New Account modal, I was constantly redirected to a password page prompting to enter a password that I had never set so that I could enable Two-Factor-Auth on my profile. From here, I was forced to “reset” my password so that I could create a password so that I could enable 2FA. Why? Shouldn’t I be authenticating with GitHub? Why do I need a password? (I am all for 2FA and have it enabled on all of my accounts, this flow is just excruciating)

Issue 2:

After getting through all of that, I logged out and attempted to log back in via Log in with GitHub and was prompted to log in with an email.


I had no idea which email it was asking for because I logged in with GitHub and figured that was enough. After trying half of the emails associated with my GitHub account (yes, you can have multiple), I finally found the right email/password combination to let me into my account.

At this point, logging in via GitHub was pointless and it is easier to just use an email and password.

Please either fix or remove the Login with GitHub functionality.

Bump. Any word from the CircleCI team on a resolution for this?

This is the most awful authentication I’ve seen for a forum. Even had to install some authentication crap on my phone to enable 2FA. So you don’t force to have 2FA enabled for the main application with possible sensitive data, but do it for a Q&A thing? Really?