Currently working on an authentication server that will have local users, and integrate SSO and 2FA options...
The break in flow is kind of required... I COULD display a disabled password field for the purpose of showing it... I instead opted for having a hidden password field (by size/opacity) so that password managers and auto-fill can populate it... when the user clicks next, the password field will be filled and continue. I could just try logging in with the entered password, if populated then display the password field without error, but this would/should probably count against the bad password attempts.
There's no perfect way here... dealing with the blur event for the text field for similar behavior will also cause alien events and mess with accessibility. Having a clear "Next" is at least a consistent in terms of a11y.
The break in flow is kind of required... I COULD display a disabled password field for the purpose of showing it... I instead opted for having a hidden password field (by size/opacity) so that password managers and auto-fill can populate it... when the user clicks next, the password field will be filled and continue. I could just try logging in with the entered password, if populated then display the password field without error, but this would/should probably count against the bad password attempts.
There's no perfect way here... dealing with the blur event for the text field for similar behavior will also cause alien events and mess with accessibility. Having a clear "Next" is at least a consistent in terms of a11y.