Exact URL matching

2»

Comments

  • Hi @wiserweb,

    As a developer I'm sure you understand that for there to be any hope of change we need to understand how the current approach fails. If I were to go to the developers and say you're unhappy with the current UI and consider it bug and offer nothing in the way of detail or explanation the best I can hope for would be a "duly noted" and nothing more. I couldn't blame them either because the argument is too vague.

    As it stands 1Password displays all matches to the registered domain name. Matches to the FQDN and any items flagged as a favourite are elevated to the first section and the rest below in a section of related items. Exceptions to this are based on the Public Suffix List. Given FQDN matches are always elevated above related matches what is it about the current UI that is impeding speedy identification of the desired Login item?

    I do feel it's worth pointing out that 1Password has always made related items available, previously there were hidden behind a first level menu item titled Show xxxxx more items, all we're doing now is making them a bit more visible in the default view because the Suggested Items is a first level menu option now. The one option that altered 1Password's behaviour was removed because quite frankly it caused more hinderance than good so for the greater good it was removed and I'm not sorry to see it go. We can't simply add more configurable options whenever there is a request, not even if we cheat and hide behind the word Advanced. The more options you throw in the more it risks becoming unwieldy and as it stands the learning curve is too steep for many people (which is on us to correct).

    My intention is not to discount you but to impress on you the need for detailed arguments as to why something isn't working. Detailed justification will always get us further in the debate which will need to happen if there is to ever be any change. You're quite right of course, reaching the right answers from the wrong questions is almost an impossibility so if we don't understand we need you to help us see your viewpoint. Then if we still have questions we're hopefully in the position to ensure they are the right questions.

  • brentybrenty

    Team Member

    It just feels that you're telling me that 1Password is the wrong tool for me as a developer as it's designed for 'broader usage' since it benefits more those 'people'.

    @wiserweb: Not at all. Just keep in mind that your use case isn't the only one that counts. Something not being exactly the way you want it to doesn't equate with "degraded experience". We need to consider all 1Password users, not just you. As a developer, I'm sure you consider all of your users, not just self-anointed "power users".

    As I explained, for server.domain.com, the list should not show projects.domain.com as a login option. Period.

    Why not? I've given a few concrete examples of why it doesn't work like this already, and I could come up with many many more as well. While it may be what you want for your specific use case, that isn't true of most users. I don't think it's reasonable for us to change this behaviour for everyone for a small number of people, especially since the exact match will be at the top for you and you can ignore the rest. At least that's what I'm seeing in my usage. You still haven't answered my question about whether you're seeing something different. That would be a bug worth investigating.

  • wiserwebwiserweb
    edited August 2018

    @brenty @littlebobbytables

    Many users are logging into applications that share a root domain, it's not just developers.

    There are many application that are installed for users that have hosting plans. Here's an example of a small business that is using several popular hosted open-source tools, they are the typical users:

    -vtiger.domain.com (For CRM)
    -project.domain.com
    -billing.domain.com
    -gitlab.domain.com
    -stats.domain.com (for pwiki)
    -cal.domain.com (for caldav)
    -nc.domain.com (for Nextcloud)
    -app.domain.com (CNAME to SaaS App)
    -webmail.domain.com
    -panel.domain.com
    -server1.domain.com
    -mail.domain.com
    -ftp.domain.com

    Small businesses worldwide are using similar setups when they purchase their domain names. Small business represent 99% of new businesses created and are the engine of the economy.

    Should small business owners and employees see every login credentials as an option when they are logging into gitlab.domain.com or projects.domain.com?

    If these users are less sophisticated than developers why are they being offered unusable login credentials for a sub-domain? Isn't the current design logic more confusing?

    If this is the intended behavior of 1Password then I respectfully disagree that this is user friendly on the first count, on the second count that this 1Password being able to distinguish from two distinct sub-domains is in somehow anyway an Advanced feature and on the final count that these issues I bring to your attention are unique corner cases.

  • brentybrenty

    Team Member

    @wiserweb: Again, are the exact matches not showing up at the top for you, so that they're at the top, clearly delineated from the others, and just a keystroke away from being filled?

  • wiserwebwiserweb
    edited August 2018

    @brenty

    It's not clear to me why cal.domain.com has precedence over gitlab.domain.com. Is this how it's supposed to work?

    And why would any user be interested in seeing a whole list of partial matches that are irrelevant to the current context of the task at hand?

  • brentybrenty

    Team Member

    @wiserweb: You're using 1Password X, not 1Password for Mac or Windows (which this discussion is about). 1Password X is separate, relatively new compared to the desktop apps and their extensions, and does not have the feature we're referring to (and attaching images of) here, but I do believe that's on the agenda for a future update. If you're using 1Password for Mac or 1Password for Windows, you can use the desktop extension to get this behaviour now:

    https://1password.com/browsers/

  • I'm currently evaluating 1Password as a replacement for Bitwarden, which I'm somewhat dissatisfied with. This is the killer feature that is preventing me from quickly switching everything over for myself and my family today (just found this post by googling for a solution t o this problem). Not only do I have 10s of unique logins on my corporate domain at work, but I also have a bunch of stuff hosted on a server at home, all behind a reverse proxy on my personal domain. Being able to get your domains set up so that you can always directly fill the login you want every time is sooo nice (and pretty much required for dealing with sites that use HTTP basic auth, which are all over the corporate world).

    I do have to admit that I'm also a professional software developer, and thus fall into the same vocal minority of users on this thread I suppose. That said, given the ease with which Bitwarden handles this, I'm having a hard time accepting the arguments against the feature. I'd recommend checking out your competition here and taking notes. It doesn't have to be confusing - just hide it behind an "advanced options" section and/or throw up some scary warning text that says "don't change this if you don't know what you're doing".

    Bitwarden simply implements a drop-down next to the URL text box with the following list of options: "default", "base domain", "host", "starts with", "regex", "exact" and "never" (see screenshot). Multiple URLs are allowed. This covers pretty much any scenario imaginable. I'm sure most users will always leave it at the default, but it's invaluable to people in my position, and I can hardly imagine someone complaining that it's too complicated and asking for the features' removal.

    I love most of what 1Password offers, so I hope the team will reconsider their stance on this issue.

  • ag_sebastianag_sebastian

    Team Member

    Welcome to the forum, and thanks for checking out 1Password, @leopard_shark! :)

    Thanks so much for your detailed feedback, as it really made sense to me (not that other feedback didn't, but I just joined this topic). I've shared your thoughts with the rest of the team, but I can't guarantee when or if we'll implement something like that. I wish I could have a more straightforward answer for you, but this is the best I can do for now. We'll certainly continue to gauge interest for the feature. :)

  • Thank you for getting back to me so quickly @ag_sebastian ! I appreciate your response, and that you're at least considering my feedback. I'll keep an eye on this thread while I continue evaluating the product for my family.

    I hope you had a great weekend!

  • brentybrenty

    Team Member

    Same to you and your family! Thanks for taking the time to check out 1Password. If we can find good ways to surface more advanced features -- and the spare cycles to add them -- without negatively impact those not using reverse proxies, etc., that could be win-win. :)

2»

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file