Functory
functory.
Deployed On2025-11-22
AuthUXSecurityGrowth

Safer Login Flow & Free Credits Onboarding Boost

The problem

The signup experience was functional but introduced unnecessary friction: asking users for a username slowed down onboarding, and multiple social providers added complexity without improving reliability.

At the same time, the credit onboarding flow wasn’t clearly communicated — many users didn’t realize they instantly receive $10 to try the platform.

What shipped

We streamlined the entire authentication and onboarding pipeline:

  • A new credit confirmation popup now appears right after signup, clearly showing users that they can run code immediately using their free credits.
  • The signup form was simplified by removing the username field, reducing the time to create an account to just a few seconds.
  • The login system was refactored for stronger safety guarantees, tightening the security surface and ensuring stable, predictable authentication.
  • Facebook, Apple, and GitHub login options were temporarily removed to eliminate inconsistencies and secure the foundation of the auth system before reintroducing broader identity options.

Why it matters

A fast and trustworthy signup process dramatically increases activation.

By clarifying the free credits and making login safer, we reduce friction, improve trust, and let developers focus on the value: running and monetizing code.

This update strengthens both growth (more users reaching the “first successful run”) and security (a tighter, cleaner auth surface).

How we built it

We overhauled the auth configuration in Auth0, cleaned up unused connection providers, and improved the safety rules for token generation and session handling.

The frontend signup flow was refactored to align with best practices: minimal fields, instant feedback, and integrated credit confirmation.

Finally, we ensured that all login paths now follow a single, unified, secure channel for predictable behavior.

What’s next

We plan to reintroduce additional login methods — but only after implementing provider-specific hardening and ensuring they meet our new security baseline.

We’ll also experiment with contextual onboarding to help new users discover key features faster and convert more effectively.

Back to Timeline