Domain matching requires exact domain match

Hi,


My situation is a little weird, so bear with me, I'll explain this backwards.

My principal browser is firefox, but I regularly use chrome, and sometimes safari too.

I'm on 1password 3.7.5, and today upgraded to firefox 6, and the beta version of the firefox add-on.


I used to be able to fill in a website password, by browsing to the website page, and then selecting a username/password from the 'Other' button in the 1Password toolbar in firefox.


The problem is that in my role as a system administrator, and programmer, I have a single username/password that covers 90% of my daily activities and dozens of others used only rarely. This is just within my home domain, lets call it mydomain.edu.au, before we look at all the usernames/passwords outside that domain.

As a sysadmin, I have multiple logins for the same single service, depending on whether I visit it as a user, or an admin.

If I just let 1password do it's default thing, it would create a username/password for every server at mydomain.edu.au that I use, that's ~100 machines. Most of which are the same username/password.

If I ever need to change my main password, this means 100 different entries in 1password need updating.


So, to help with this, I created a password entry called *.mydomain.edu, and gave it my standard username/password, the one that covers 90% of my daily logins, and the '*' in the name made sure it appeared at the top of the list of 'other' passwords. I also disabled auto-save for mydomain.edu.


Things worked well for the last 2 years.

But with the new firefox extension, things are broken for me.

For instance, I visit mail.mydomain.edu.au, and 'Logins for this page' list is now empty. I bring up the list of of 'All Logins' instead, and select my special entry, but the browser doesn't fill in the username/password, it now launches a fresh visit to a new webpage (http://localhost/ - I presume this is because I didn't put a URL in the special entry).

So, I have 2 questions, first is the Firefox extension going to start populating the 'Logins for this page' list the way they used to do, and submit usernames/passwords to the current page, or is this an intentional change in behaviour. Having to copy/paste complex password from the full 1password tool into browser windows is going to get tired very fast.

Second, is there a better way to handle logins within a domain that covers a hundred different websites/services, and multiple username/passwords, sometimes on a single server.

I also notice, now I'm examining things, safari is broken too, in much the same way for me. If I visit a site (facebook), where I have multiple accounts, it does fill in the 'Logins for this page' list, but it still relaunches the webpage, so even if it put my special entry in the list, it won't work.

I'm lucky that Chrome is still working the way it always did.

Comments

  • khadkhad Social Choreographer

    Team Member
    Hey osric,

    We made some changes in the domain matching in the new extensions to better accommodate the majority of our users. The balance between what is best for power users like us and everyday users can be tricky, but we have had a great amount of feedback on the new domain matching which is extremely positive. Only Logins which contain a URL matching the fully qualified domain name of the currently viewed site will be present in the "Logins for this page" list. That includes protocol, so a Login save for a secure (https) Login page will not fill an insecure Login page (http). I will add your vote for a linked logins/equivalent domains feature, however. I think that would help mitigate the issue by allowing you more control over which Logins use what credentials.

    In the meantime, you will need to save a Login for each page. You can then use it every time you visit that page.

    All that said, nothing is written in stone. I will pass your use case along to the developers! :-)

    If we can be further assistance, please let us know.

    We are always here to help!
This discussion has been closed.