Onboarding experience: too hard
I have used 1P for many years, and it suits my needs as a software engineer nearly perfectly. However I have suggested it to a number of friends, and done the work of getting two distinct types of user up to speed: my partner (1P Families), and as the IT manager at a smallish company (1P Business). I started both a year or more ago, and thought I would share my experiences.
tl;dr After a year, people are still struggling to understand 1P, and are still failing to gain the core benefits such as reused passwords.
The main challenge my users have faced is how to migrate from whatever they used before ... intentional or not. My partner uses a Mac and iPhone, and has home and work Google accounts. She doesn't really understand that Safari and Chrome are different things, but uses both at work and home. In both cases, she accepted the default password management features, with autofill in chrome, and various flavors of Apple password managers.
At any given time, without reconfiguration, all of these PW managers are competing to manage a password, and the result is confusion, and inevitable password resets "just to get in". So, the user ends up with multiple possible passwords saved in multiple places: Google, Apple, and now 1P. The same has been an issue for my co-workers, who are also at varying levels of technical awareness.
The first thing I did for my partner, mainly to make her feel confident, was to import all the passwords from Google and Apple PW managers. This turns out to have been a really bad idea, and also, it's really a great deal harder than it should be -- not very well documented, hard to find on the site, and some parts of it didn't seem to work. This is a terrible idea because Google, at least, saves a new password for any different URL it finds, so there can be multiples just for one site. I am not sure about the Apple version, but the result was that we had at least two, often many more saved passwords imported into 1P. Finally, unless these PW managers are turned off, they keep adding their confusion to the mix.
Suggestion: build an importer that figures out how to actually migrate to 1P. There may not be APIs that allow this to be automated, but at least you could build a step-by-step process, and a checker that sees the status and warns users. Ideally the tool would merge (or offer to) sites at the same domain, would identify a suitable name for the 1P entry, would retain history (archive) of old logins, and would coach the user through confirming the result on computer and phone.
Passkeys and MFA are both great when 1P gets them right. But I am still regularly assaulted with the option to use passkey with my Amazon account, as well as my AWS accounts. The MFA process is kind of klunky
