EighthLayer | Jamie, some definitely do it because of SSO, because depending on the domain of your email, you might not need a password. Others (Apple, looking at you) do it just because they hate their users. In my own opinion, this is never a good idea and even when someone uses SSO they could just be instructed to leave the password field blank. It's even worse when sessions expire (that's just my pet peeve that sessions should always live forever).