A developer argues that 2FA, while secure, creates a frustrating login experience. The constant context switch between password managers and authenticator apps generates micro-friction that accumulates over time. This friction can negatively color a user's perception of the service itself, signaling a broken entry flow.

The core issue isn't security but user experience. Traditional password-first flows force users to manage credentials, then abruptly switch contexts to find a code. This two-step mental process happens with every login. The author questions why security must come at the cost of a seamless, predictable interaction.

Proposing a radical simplification, the article suggests a 1FA (authenticator-only) system. This would eliminate the password layer entirely, pushing complex security work like rate limiting and replay protection behind the scenes. The result is a single, calm flow: open the site, enter the code, and you're done.

This thinking led to the creation of Toqen, a tool aiming to prove this model works. While unusual at first, the convenience of a streamlined process is quickly adopted. It represents a shift in design philosophy, prioritizing user calm without compromising on underlying security measures.