I can understand why this happens in certain exceptional cases. For instance, Microsoft's account might require you to log in on your organization's own site.
But for most websites, this makes no sense to me. It makes it harder to use a password manager to automatically fill in your credentials. I don't see how this is "less work" at a UX level since you end up having to hit more buttons. Was there some UX memo that this improves conversion that I haven't seen?
When you enter your username, the system decides, from some part of it, what possible credential store, out of many, needs to be queried. It may discover that your identity is actually part of some federated SSO protocol, and send you off to be authenticated there, or it might have your ID locally and just ask for a password.
The alternative UX is MUCH worse. Asking the user to pick from a list which of a hundred different federated systems before accepting credentials.
Example: go here and click the Login button. https://www.educause.edu/
It is harder for password managers but also harder for password guessers.
Each guess requires additional communication and response from the server. A response delay increases with each incorrect guess. The idea is to help make it infeasible to brute force guess a password even if you know the login ID.
By splitting the ID and password pages, the delay can be off loaded to the client instead of the server. It is an alternative to a captcha test.
But there are other reasons too. Google does this, I'm guessing so that users who are tech-challenged can be able to just focus on one question at a time?
And then my bank does this questionable thing where they ask for my email first, then along with the password prompt, they show me a "security image" which is an image I chose when I made my account. I think the idea is that a phishing site would be less likely to know my security image, in which case I might realize something's up.