Every time I logon to ProtonMail, 1Password prompts to update or create a new account.

nathan1ps

ProtonMail uses a username, password, one-time password, and mailbox password. It's a bit of work to copy and paste the correct elements, but then when I'm in, 1Password compounds the issues by forcing me to ignore the pop-up thinking these one-time passwords need to be updated (which messes up the mailbox password, different than the main password).

I'm utilizing the latest (non beta) Mac version and extension (not 1PasswordX):
1Password 7
Version 7.3 (70300020)
1Password Store

---

1Password Version: 7.3
Extension Version: 4.7.4.90
OS Version: macOS 10.14.5
Sync Type: https://my.1password.com
Referrer: forum-search:protonmail

ag_ana

Hi @nathan1ps! Welcome to the forum!

When you enter your one-time password on the ProtonMail website, can you please tell me what the URL of that page is? If it's different than the other ones, perhaps we can find a way to suppress that message on that specific page.

nathan1ps

Thanks, @ag_ana . The URL (https://mail.protonmail.com/login) is the same throughout the logon process. The way I got things to work a bit better is the following (on macOS): I turned on an exception in Preferences | Browsers | Autosave: Detect new username and passwords and offer to save them (except on the following domains) and added protonmail.com to that list.

I added an additional password field to the Login and labeled it mailbox-password. I can click the 1Password browser extension button and copy the mailbox-password easily at this point. So, it's certainly not close to being automated or seamless as the entire logon process requires 11 clicks. This count includes right-clicking to paste the one-time password and mailbox-password. I hope 1Password provides an improved option for sites that are more complex than a single username/password combo as that's more secure yet more time-consuming. Here's a summary of the steps and clicks:

1) User Login: Click 1pw, AutoFill, Login (3 clicks)
2) Two-Factor Passcode: Right-click, paste, Login (3 clicks)
3) Decrypt Mailbox: 1pw, copy mailbox-password, right-click, paste, unlock (5 clicks)
Total Clicks: 11

ag_ana

@nathan1ps:

Thanks, @ag_ana . The URL (https://mail.protonmail.com/login) is the same throughout the logon process. The way I got things to work a bit better is the following (on macOS): I turned on an exception in Preferences | Browsers | Autosave: Detect new username and passwords and offer to save them (except on the following domains) and added protonmail.com to that list.

This is exactly what I was thinking about ;) If the one-time password page had a different URL, we could add just that page to the list, which would have been perfect. But adding protonmail.com to the list, as you have correctly done, will certainly help.

1) User Login: Click 1pw, AutoFill, Login (3 clicks)
2) Two-Factor Passcode: Right-click, paste, Login (3 clicks)
3) Decrypt Mailbox: 1pw, copy mailbox-password, right-click, paste, unlock (5 clicks)
Total Clicks: 11

It's true that websites with multiple password fields on different pages require more user interaction. Looking at the steps you are following, I think keyboard shortcuts could at least help: in step 1, you could call 1Password with the Cmd + backslash keyboard shortcut to fill your login data, and submit by pressing the Enter key.

In the other two steps, you could also call 1Password again with the same keyboard shortcut, and then paste them in the login form with the Cmd+V shortcut. The process would be the same, but I hope it should at least make it quicker and a little bit less painful.

Ben

@ctpublic

Would you be able to provide us with an example of a URL where you're seeing this? It is very strange that you're seeing this regularly... I can't say I recall the last time I saw it in my usage. Please let me know. We'd like to track down why this is happening for you.

Ben

Ben

If you're seeing it at Gmail, which is a site I personally use frequently, I suspect something about your setup is causing this. I've never seen an unexpected "update password" prompt from Gmail that I can recall.

Honestly, it seems like I see it on more or less every site. Is there a chance your extension is conflicting with other extensions? I also use Privacy Badger and uBlock Origin.

That's possible... but I wouldn't suspect either of those in particular. Should be easy enough to test, though. If you disable them do you still see the problem when logging in to Gmail? Also, could you please verify that no other password managers, including the one built into your browser, are enabled? We have a guide that may help, here:

Turn off the built-in password manager in your browser

Ben

Ben

@ctpublic

Thanks for confirming. Were you able to test with the non-1Password extensions disabled? And were you able to confirm if the browser's built-in password manager is disabled?

Ben

Lars

@ctpublic - thanks for the additional information. Were you able to test with the non-1Password extensions disabled? And were you able to confirm if the browser's built-in password manager is disabled?

Ben

@ctpublic

We're trying to troubleshoot this issue for you. We're not suggesting leaving the extensions disabled indefinitely, just long enough to test if the problem continues.

Also: the browsers built-in password managers are known to conflict in this way, which is why we recommend disabling them. If you choose to keep them on that is certainly your prerogative, but you'll continue to see this behavior.

I would suspect the other password managers more-so than either of the extensions you mentioned.

Ben

Lars

@ctpublic - you didn't sound argumentative. :) We're more than willing to continue troubleshooting this issue with you, but not if you're unwilling to follow steps/instructions to remedy issues we KNOW can cause problems. Trying to "move on" with those things still unaddressed/remedied (even temporarily for testing) will almost certainly be a waste of everyone's time including yours. The steps Ben outlined are the first steps to take, and while it's perfectly fine if you're not able or willing to take those steps for whatever specific reason (or no reason at all!), if that's the case it will be unproductive and almost certainly inconclusive to troubleshoot further. It's your call, however! :) Let us know what you decide.

Ben

Thanks for taking the time to share your thoughts on the subject. Please let us know how disabling the built-in password manager(s) turns out. :+1:

Ben

AGAlumB

No, I haven't had the time to experiment with that. Besides, the thing is that disabling the security/privacy add-ons is a non-starter. I just won't do it. I'll disable the 1Password add-on and cut and paste credentials from the desktop app first.

@ctpublic: Perhaps of interest, if you're giving other "security/privacy add-ons" permission to access everything you do on webpages, using them in the same browser/profile alongside 1Password as you use it to save/fill sensitive information is actually worse for both security and privacy. And we always recommend disabling browser autofill as well for similar reasons, as that is often exploited to collect user data. And pretty much anything can access the clipboard, so I'd also recommend using 1Password to save and fill rather than copy/paste. Food for thought.

I'm sorry that you've been having some odd issues with autosave. It isn't our intention to give you a hard time. We want to help. But given that you seem to be able to easily reproduce the issue you're reporting, it made sense to ask for the details since that might help us reproduce the problem and find a solution for it. If you encounter further issues and want to share the specifics, we'll be here. Have a great weekend! :)

Ben

That's certainly your prerogative. I hope you're able to find a combination that works for you. If we can be of further assistance, please don't hesitate to contact us.

Ben