Two different websites uses the same domain for login info (Grid Systems). How to differentiate?

After accessing websites - login info entered on same domain for both websites. I have to enter username and password manually when accessing the second website. Login domain is grid-auth.gridsystems.net Any way to fix this?


1Password Version: 6.6.4
Extension Version: 4.6.3
OS Version: Mac OS 10.12.4
Sync Type: Not Provided
Referrer: forum-search:Two different websites uses the same domain for login info (Grid Systems). How to differentiate?

Comments

  • matthew_ag
    matthew_ag
    1Password Alumni

    Hey @Keithalman,

    Welcome back to the forums and thanks for writing in. I would like to understand more about what the scenario is.

    Let me describe my interpretation:

    • There are two websites, for example: foo.com and bar.com. (I don't know what the websites are so just making them up.)
    • Both websites have a Login button.
    • When you click the login button you are directed to https://grid-auth.gridsystems.net/OAuth/Auth

    Please let me know if this is true. If it is, then I have another question:

    • Are the username and password for both websites (foo.com and bar.com) different or the same?

    Looking forward to hearing back.

    Best regards,
    Matthew

  • Keithalman
    Keithalman
    Community Member

    Username and password are different for both websites. Also not sure what comes after .net in what you id'ed the "directed to" (i.e. /OAuth.Auth)

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Greetings @Keithalman,

    Matthew isn't around on the weekend so if he had an idea I'm not sure what it was. Myself, I'm struggling to be confident that I accurately understand the issue.

    When you log into any website, if you have 1Password set up to ask if you want to save it should do as long as passwords differ from any already stored for that site. Many people have multiple gmail accounts stored in 1Password for example.

    When it comes to filling, if you visit a login page and use the keyboard shortcut ⌘\ one of two things will happen depending on your vault.

    1. If you only have a single matching Login item 1Password will fill with no further interaction required.
    2. If you have 2+ matching Login items then the 1Password mini menu will appear and ask you to choose.

    I'm not sure about the open and fill feature. Our open and fill requires that the stored URL in the website field directly loads a visible login form to work. If you're trying to use open and fill and the URL isn't the one for the oauth server, either because you have to click a link or there is a redirect then it may not work.

    I've detailed this in order to help with your response. Is the issue with saving or filling? If it is filling how do you normally use 1Password? is it the keyboard shortcut, clicking on the 1Password Browser Extension button or open and fill? My hope is once I am more confident I understand we can offer assistance.

  • Keithalman
    Keithalman
    Community Member

    Thanks for the response. I almost always use 1Password Safari extension by clicking on applicable 1password record that I want to access. In this case our neighborhood management company has two separate and distinct web sites with different names that require different usernames and passwords to access. One of the web sites is for the community and another for the subdivision (i.e. neighborhood within the community). When selecting "Log In" on both web sites they both flip to the same domain i.e. grid-auth.gridsystems.net (at least they both look the same) As this point I can't click on community or subdivision 1password records since I am now in a different domain and I don't have a 1Password record for the gird-auth... domain as there world be two different user names and passwords for the same 1password record. I don't know how to have 1Password select the appropriate username and password for the web site that I originally logged into.

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Hi @Keithalman,

    I don't think there is any way of getting around it, you will need to have two Login items that point to the same domain. It sounds like you created what I often refer to as basic Login items, ones created from inside the main 1Password window and set their website field to the URL of the front page rather than the login page. As they use this central oauth service that won't work as we only allow filling on the right domain. Can you try the following for me please.

    1. Visit the first website and click the Log In button to be sent to the grid-auth site.
    2. Create a Login item by following the steps detailed on our page How to save a Login manually in your browser.
    3. Repeat steps 1 & 2 for the second site.

    If you then visit the Login page and use the 1Password Browser Extension button in the browser you should always see two Login items listed. If you altered the titles it will display just the titles. If the titles match they should also display the username to help distinguish the two. You can then select which one you want to use. Depending on the precise nature of the full URL you may find open and fill (clicking on the website field of a Login item from within 1Password) works if the URL encodes knowledge of the site you were sent from.

    What 1Password won't do is let you fill using a Login that doesn't match the domain or have a way of filtering the matching list down to just one based on the full path. Instead 1Password will always offer you the choice. If I'm misunderstanding anything please do correct me.

  • Keithalman
    Keithalman
    Community Member

    I was able to create a total of 4 1Password records that work for me. I have one for each of my initial two URL's and two GRID authorization URL's records that each correspond to the initial URL. I select the "Community" login record using Safari extension and then select login from that web site - get directed to the GRID authorization site to enter username and password and select the appropriate listed 1Password record (using different names for each of the four 1Password records) from the Safari extension box which fills in username and password correctly. Same process for the other initial URL. It's a two step process for each URL but it works.

  • pwskura
    pwskura
    Community Member

    I am just hitting the same sort of issue. In this case we use the Bomgar Remote Assistance service. As the admin of this for my school, I need to regularly login to two separates sites hosted on the same server, each with their own credentials. I gather from this answer while we can enter a full URL in the website fields of a password item, 1P only parses the domain part and effectively throws out the rest of the URL path(s) entered in the website field(s) when presenting the select account part. This can't be a new or even especially unique situation. I would be curious if this is a feature request yet.

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Hi @Keithalman,

    Just so I understand correctly, are you saying that the full path of the URL for the two GRID Login items either do not specify which site they refer to or that the URL cannot be loaded directly and you must first navigate from the site's home page to the GRID login page?

    @pwskura,

    When it comes to matching yes, we only use the domain. We occasionally see requests for full path matching but there are many sites where this would only make things difficult. While domain matching does mean you need to select a Login item if more than one matches it ensures a level of consistency in 1Password's behaviour which is important for the wide range of comfort levels amongst our users.

    If you use open and fill 1Password will use the full path stored in the URL, it's only for matching purposes that we look at just the domain.

  • pwskura
    pwskura
    Community Member

    @littlebobbytables thanks for the reply. Conceptually, one could have checkbox next to a "website" value that lets the whole string be used for prompt matching, thus limiting and controlling the occurrences of such an override. Further even having such a checkbox could be an advanced setting option to further obscure its use. Obviously this notion is without my understanding how integral the domain level only matching is to the code; and I have not even tried to think thru the Open and Fill aspect. Anyway, this every day use flaw is a foible mostly, not failure, of the product.

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Hi @pwskura,

    With enough changes that should be technically possible but we have to consider the cost to reward ratio. Kind of related given it's about URLs and matching but we have an existing option titled Allow filling on pages that closely match saved websites. I would happily see that option removed because as far as I can tell it does more harm than good and I only ever end up having to tell people to disable it rather than suggesting it will help. So factors we have to look at include how much coding would be involved, who would benefit from the change and could the change cause support queries through misunderstanding.

    I'm not saying I don't understand the potential benefit for some people but I don't believe there is sufficient demand given the likelihood that people may end up reaching a state where they believe 1Password is broken. We will of course continue to monitor demand and review but functionality that benefits just a small percentage of people often won't make it when we know there are other requests that will benefit the majority. We will continue to listen though as better understanding of how people use 1Password does help to shape its future.

This discussion has been closed.