Questions/Problems I've Discovered So Far

I've decided to make a post here to see if anyone knows how to accomplish what I'd like to do or add it as a feature request if it can be at the moment:

  1. I cant figure out how to fill in login data on a URL that differs from the one created with 1Password? For example, my accounting software for Quick Books requires my banking login from Mission Federal. I have me banking login saved with 1Password. But when I open the 1Password menu (Ctrl+) and type "Mission Federal" so I can use it's login info with Quick Books, it only opens a web page to log me into Mission Federal instead of filling in the forum with the credentials.

  2. When adding a something to 1Password (e.g. credit card, login, etc...) it won't allow me to edit or delete the title of an entry (e.g. cardholder name, username, etc...) unless I create a custom one. For example, when adding a login I might want to change the "username" title to say "email" since it can be more appropriate. In other cases being able to delete the entry altogether would be helpful as well.

  3. Sorting logins by "tags". I tag all my relevant logins to keep them organized, but lack the ability to sort them. I understand the show up in the left side categories. I'd like to see it in the logins category itself though.

  4. Merrick Bank is using an incorrect (what seems to be 16x16) icon in 1Password. I have manually replaced it.

  5. This one may need to be moved since it's not related to Windows. But I did create the passwords in Windows. When using the Android app to fill passwords, it sometimes needs me to do the procedure twice before it logs in. This occurs on the Mission Fed app for example.

That's all I got so far. Otherwise I really like 1Password. If you need anymore clarification please don't hesitate to ask!


1Password Version: 7.3.684
Extension Version: 4.7.4.90
OS Version: Windows 10
Sync Type: N/A

Comments

  • bundtkatebundtkate

    Team Member

    Thanks for reaching out, @DWreck1995, and I'm delighted you're enjoying 1Password thus far. :chuffed: I'll cover your questions inline as best I can so I can make sure I'm being thorough here.

    I cant figure out how to fill in login data on a URL that differs from the one created with 1Password? For example, my accounting software for Quick Books requires my banking login from Mission Federal. I have me banking login saved with 1Password. But when I open the 1Password menu (Ctrl+) and type "Mission Federal" so I can use it's login info with Quick Books, it only opens a web page to log me into Mission Federal instead of filling in the forum with the credentials.

    In short, you can't fill on a site that doesn't match the URL you've saved in 1Password. This is a form of phishing protection. You might visit a site that looks very much like Google.com but actually isn't. We humans can't tell necessarily, but 1Password totally can so it will refuse to fill. Now, might you choose to copy/paste into that site anyway? Sure, but our hope is that refusal will give you pause and at least lead you to consider why this isn't working and, hopefully, make you suspicious enough to take a closer look and perhaps see that something is wrong.

    With that said, there are totally legit reasons to enter credentials from on site on another at times. As an example, I use Mint so that I can pretend to stick to a budget (I come close most of the time, okay?) and that means connecting my bank accounts so Mint can keep track of things for me. In these cases, I edit the items I need to fill in Mint and add the mint.com URL as a secondary website field tot hat item. Think of it as telling 1Password, "Hey, thanks for protecting my stuff! If I ask you to fill this Mission Federal Login on QuickBooks, though, that's totally okay." 1Password is very understanding and will make accommodations when you let it know they're needed. :wink:

    When adding a something to 1Password (e.g. credit card, login, etc...) it won't allow me to edit or delete the title of an entry (e.g. cardholder name, username, etc...) unless I create a custom one.

    This is on purpose in many cases. Certain field names are protected because they're fillable. That is, these are fields that can be filled into forms by your browser extension. Computers are super smart, but they're not all that intelligent and they rely on things being precisely as expected in order for even seemingly simple tasks to work properly. Field names, field types, the labels in a form – these are all things that need to be juuuust right for filling to work seamlessly. Of course, we're doing some pretty cool things with computers as a species. They're learning to learn new things on their own, better understand natural language, and even reason their way to the best choice when everything isn't quite as expected. Hopefully that will mean we can loosen those restrictions one day. For now, though, we want to ensure filling works the best it can and that means making things a bit easier on 1Password by limiting some customization options. After all, filling is one of the most important aspects of 1Password. Without out, you'd just have a bunch of super long passwords you constantly have to type or copy/paste. Gross, yea?

    Sorting logins by "tags". I tag all my relevant logins to keep them organized, but lack the ability to sort them. I understand the show up in the left side categories. I'd like to see it in the logins category itself though.

    I am not totally sure I follow what you're after here, but! If what you're after is filtering the Logins category to only show items with a certain tag, there's a search for that. Select Logins in your sidebar, then search for tag:foo where foo is your tag name. Note the lack of spaces – spaces are bad in this case. Hopefully that helps, but if I'm off about what your'e after, let me know. :+1:

    Merrick Bank is using an incorrect (what seems to be 16x16) icon in 1Password. I have manually replaced it.

    We maintain this database ourselves for rich icons, so if no one provides an updated icon, we generally do fall behind. Custom icons are a great way to deal with these, but if you have an icon you think is a better fit, feel free to e-mail us and let us know at [email protected] We may not be the speediest at getting them updated, but we do try to honor requests. :chuffed:

    This one may need to be moved since it's not related to Windows. But I did create the passwords in Windows. When using the Android app to fill passwords, it sometimes needs me to do the procedure twice before it logs in. This occurs on the Mission Fed app for example.

    This is one a bit outside my realm of expertise, but I do know that some of that process is handled by the OS on Android and some behaviors depend on the app's implementation. That's about the extent of my knowledge, though, so not terribly useful. As such, I'll summon @peri as she'll likely have some greater insight into that issue and hopefully some better suggestions than I do. :blush:

    And I think that's about it! Hopefully this helps you work around or improve some of these things out the gate. And, of course, if there's anything more I can do to help or any clarification needed, you know where to find me. :chuffed:

  • Hi @bundtkate,

    Thanks for getting back to me so quickly. I'd like to touch on a few of the things you said. I'm not sure where the quote button is and the typical forum [quote][/quote] doesn't work here, so I'll just number my responses to reflect each of yours:

    1. I understand not allowing login data to be auto filled on a URL for a site other than the one it was created for can be a used as a form of phishing protection. However, I don't see how (in my case for example) me purposefully doing a manual search for the login data would fit the reason you gave. I'm already acknowledging the potential of a phish URL by needing to do a manual search for Mission Fed to begin with, since it didn't pop up automatically. 1Password does allow me to do the manual search for the login data. The problem is once I click it to fill in the forum it just opens a web page to that website instead. Restricting logins from showing up automatically when the URL is mismatched is a certainly a good form of phishing protection. But, allowing to manually search for other logins (giving the impression that it can be overridden) then just not work is not really phishing protection.

    As a side note, phishing websites are designed to look "like" other websites. But the URL for the phishing site can't be the same as the other websites. So if you're an experienced user and know what to look for among using safe browsing tactics, like always entering the sites URL instead of using links for example, then phishing protection just hinders ones ability to do what they want. If it really is a form a phishing protection maybe you'd consider adding an "advanced" tab to the settings for allowing certain things like the auto fill on mismatched URL's.

    You did provide a good idea by adding the other sites URL to the login in 1Password so I can still auto fill it. The only caveat to that is it will show up all the time unless I remove it after.

    1. I get not allowing to delete ones that could be fillable in forums. They don't show up unless you have something written in them or are in the edit mode anyway so that's not so bad. But you should still be able to change the names. The browser extension doesn't care what the name is, it cares what it's tagged as. Each entry is tagged with it's appropriate fillable trait (e.g. text, URL, email, address, etc...) regardless of the entries name. The title could say "pie" for instance and still be set as "password" for its fillable trait. It would still fill the password field of a forum.

    2. So under "Logins" in the "Categories" listed on the left hand side of the 1Password program is what I'm taking about. At the top you'll see "X items sorted by Y". You can change this to a number of things. But it "Tags" is not on the list. If you could sort logins by tags it would be tremendously helpful for people that have lots of logins.

    3. I'll send an email with the attached icon that I used. Is there a format that you guys prefer?

    4. I'll wait for @peri to respond on this one. But you're right that it relies heavily on both the Android OS and the app itself. However, I can confirm that similar apps that compete with yours do not have this bug.

    Once again, thank you @bundtkate for taking the time to respond. I really appreciate it!

  • periperi

    Team Member

    @DWreck1995 I don't have an account with Mission Fed, so while I'm able to test filling with a dummy Login, I'm not able to test actually logging in. But I did want to clarify something. Is 1Password for Android filling your credentials the first time? Or do you have to tap the Autofill prompt twice to get the credentials to fill? When I tested this out on my end, I was able to fill both the username and password fields without any problems.

  • Hi @peri,

    When I open the app I have to first hold on the password field to get the "Autofill" button to appear, it isn't appearing on it's own like it usually does. Once I tap "Autofill" then the standard "Autofill with 1Password" prompt appears and I can tap that to continue. When I select my password from the list, it only fills the username first. I then have to do the same procedure a second time in order to get it to fill the password. After doing all that I can tap the sign in button and it'll work. But, I have to go through that each and every time I use the app.

  • bundtkatebundtkate

    Team Member

    Regarding phishing protections, @DWreck1995, there's really no way we could be totally thorough there unless we disabled copy/paste entirely. Even if we only allowed one URL, someone who really wanted to fill somewhere else could just copy/paste and if they do so on a phishing page, that's that. We could consider the search that acknowledgement, but we also have a feature called "Go & Fill" where selecting an item with a different URL will open that URL then fill on that page. This plays a role in that phishing protection (if you try to fill on a non-matching site, that triggers a Go & Fill) but it's also something a lot of folks use in lieu of bookmarks. That's one of the reasons that search is allowed. Were we to change this behavior to allow a fill after search, we'd be left presenting a dialogue (fill here or perform a Go & Fill), which adds steps both for filling on a non-matching site and folks using the normal Go & Fill feature. While it's totally the case that there are good reasons to fill on sites other than the one where a given Login is created, we feel asking y'all to make the decision that you trust that site with those credentials and specify that by adding the URL to the item is still the best choice. It allows filling to work more seamlessly after the first go and avoids interference with other filling features.

    I honestly don't know enough about the rationale behind protected fields to opine on exactly why editing (beyond changing the username/password data itself) is disallowed. @MikeT and I were chatting a bit about this recently so he may have a better answer. Regardless, I've seen a single digit number of requests for making such changes during my time here so even if that isn't strictly necessary, I don't think there's much demand for change there. Filling is one of those things that's actually much more complicated than it appears and I know just enough about the process under the hood to speak in generalities, so I can really only scratch the surface.

    At the top you'll see "X items sorted by Y". You can change this to a number of things. But it "Tags" is not on the list.

    Ah, gotcha. I'm not sure how well that fits how we're presently handling sorting, but I can totally see it being useful and will certainly pass it along. :+1:

    Is there a format that you guys prefer?

    PNG is the preference, I believe, but if you've got something else, I'm sure we can manage. :chuffed:

  • periperi

    Team Member

    @DWreck1995 I do see having to tap Autofill form the menu, but afterward, both fields fill just fine on my end. Can you let me know if you have both Autofill and Acessibility enabled in 1Password's settings menu? Also, when you see the 'Autofill with 1Password' prompt, is there an X in that prompt to close it?

  • @bundtkate,

    Thanks for the information. Hopefully sorting by tags will get implemented at some point. Other password managers already do that. I'll go ahead and gt a PNG for the icon to email you.

    @peri,

    I do have the Autofill an Accessibility enabled. I am using a Samsung Galaxy Note8, if it helps. There is no X to close it. I actually haven't seen it appear with an X in any of my apps.

    Also, when opening the app opens it has a username already filled in because I've already logged in before. There is no way to disable this. But that could be the reason you are unable to replicate the issue. I've attached a screenshot to show you what it looks like as soon as the application launches:

  • I'd also like to post another discovery. https://www.capitalone.com does not allow the password selection prompt to appear when I click the little 1Password logo on the right of the password field.

  • periperi

    Team Member

    Thanks for the additional info, @DWreck1995. I'm seeing this behavior with Capital One, too. I'm still not able to reproduce the issue with the Mission Federal app, but I'll pass both of these issues on to our development team to look into. Thanks!

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file