vietnamese mud crabsoft-shell crabdifferent species of crab
Join
3
2 Comments

Two browser-agent failures we kept seeing: login and infrastructure mismatch

by BrowserAct

We keep seeing the same two failure modes when teams move from a browser demo to a real AI-agent workflow.

  1. The agent can browse public pages, but fails the moment it needs a logged-in session.

That is where the real work starts: 2FA, account identity, approval gates, cookies, session recovery, and actions that need a human in the loop. Giving the agent a password is not the durable pattern. Isolated browser sessions + explicit human handoff is.

  1. Teams compare browser tools only as infrastructure.

Cloud browsers are useful, but for many agent workflows the problem is not just "open a browser in the cloud." The problem is operating inside real accounts, across multiple identities, with auditability and safe approval boundaries.

That is why our internal framing for BrowserAct vs Browserbase became:

  • Browserbase: strong browser infrastructure
  • BrowserAct: browser workflow layer for logged-in, human-in-the-loop, multi-account agent work

I wrote up both pieces here:

https://www.browseract.com/blog/ai-agents-login
https://www.browseract.com/blog/browseract-vs-browserbase

Curious how others are handling login/2FA for agents. Are you treating it as a hard stop, or building human approval into the workflow?

Avatar for BrowserAct BrowserAct
on June 9, 2026
Say something nice to BrowserAct…
Post Comment
  1. 1

    The multi-identity piece is the part that gets underspecified in most agent-login conversations. Once you have N identities in scope (multiple accounts, multiple wallets, multiple personas), the human-approval boundary stops being "did the agent get credentials" and becomes "did the right human approve at the right identity for the right action." Per-identity routing is what makes that gate enforceable, not the credential surface.

    Treating login/2FA as a hard stop works for single-identity flows. For multi-identity, the hard stop has to also resolve which identity the action belongs to before the approval fires - otherwise the agent can auto-inject the wrong-account context and the human approves an action that targets a different identity than they think. That class of failure doesn't show up in single-identity demos.

    User Avatar txdesk
    ·
    2 hours ago
    ·
    Reply
  2. 1

    Interesting distinction.

    The thing I’d be careful with is that “browser workflow layer for logged-in, human-in-the-loop, multi-account agent work” is technically clear, but the first buyer may still not immediately recognize themselves in it.

    A lot of infrastructure products explain the architecture correctly, but the pain enters too late in the story.

    Feels like the harder decision is less about login handling itself and more about which painful workflow should own the positioning first.

    User Avatar aryan_sinh
    ·
    5 hours ago
    ·
    Reply
Trending on Indie Hackers
Most founders don't have a product problem. They have a visibility problem User Avatar 105 comments Day 4: Why I Built a $199 Workspace Nobody Asked For User Avatar 54 comments Spent months building LazyEats AI. Spent 1 day realizing I have no idea how to get users. User Avatar 35 comments Hi IH — quick update. The MVP is live. User Avatar 27 comments I Built a Football Sentiment Platform in 18 Days. The World Cup Starts in 7 Days. Now I Need Distribution. User Avatar 17 comments I built a $5/1k-listing CRE data API because CoStar is overkill for first-pass scans User Avatar 14 comments