Mismatched instructions when making a new Password.

Options
wkleem
wkleem
Community Member
edited May 2017 in 1Password in the Browser

https://uip.greateasternlife.com/econnect-new/#/force-change-password

Hi

I thought I would bring to your attention the idiocy of some sites like the one I linked above. The initial and subsequent instructions don't match! After attempting the usual setting, I now have to be forced to use 8 characters.

There is some incompatibility with the Password Generator and the site as, even with 7 characters, I am still getting rejected.

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • wkleem
    wkleem
    Community Member
    edited May 2017
    Options

    I finally managed to login to the site with Firefox 53.0.2 but Chrome 58 (58.0.3029.110) failed despite a number of attempts.

    I have not tried increasing the password length though.

  • jxpx777
    jxpx777
    1Password Alumni
    Options

    That is so bizarre! It's frustrating when sites make invalid assumptions alone without them contradicting themselves within several DOM elements of each other. It reminds me of this compendium of falsehoods that programmers are frequently guilty of embracing. I would add, "If I set maxLength on an <input> field, the value of the field can never be longer than that." Personally, I have seen some errors recently where the site says, "Your password must be more than 8 characters!" when I fill a 64 character Password. Then I right click the field and inspect it and see that the maxLength is set to something like 12 and their validation code just didn't know to check for longer values because, well, they made a bad assumption.

    Making 1Password better able to cope with these kinds of restrictions when generating new Passwords is something we definitely want to take a look at, but it requires some changes to how the extension and 1Password talk to each other. Right now, 1Password just asks the extension what the current URL is. We would need it to ask for more details about the page in order to support considering things like password fields' length and such. Then the question becomes how do we handle a page with multiple password fields that might have different lengths… All very delicate to make sure we make the best experience we can.

    --
    Jamie Phelps
    Code Wrangler @ AgileBits
    Fort Worth, Texas

This discussion has been closed.