I’ve been revisiting the whole authentication process a lot lately (also together with @bwaidelich) - so ask questions along the way, and we can help solve it 
It will be great to get real life user feedback for the work on the RFC: AccountInterface and Authentication rework