One-Time Password autofill

Hi, I have been using the new 1PasswordX extension for a couple of weeks now and I am loving it.
There is one question that I have though.
To log into the AWS Console (aws.amazon.com) you first provide a username and password, click next and on the next page fill in a one-time password. This works perfectly with the 1PasswordX extension. It fills in my username and password automatically and on the next page it also fills in the one-time password magically so all I have to do is press next.
I was wondering what I can do to get the same experience on gitlab.com? The process seems to be the same, the first page expects a username and password, which the extension supplies. And the next page expects a one-time password, but here the extension does not fill it in, it does not even add the button to the input. Instead I have to click the extension itself and from there I can choose "fill".
Why does this work on aws and not gitlab and what can I do to fix it?


1Password Version: Not Provided
Extension Version: X 1.6.0
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • brentybrenty

    Team Member

    @Hjalti: Thanks for reaching out! Definitely something we can work on improving. :)

    Can you tell me the OS and browser versions you're using, as well as the URLs involved? I'll be happy to test it. We'll se what we can do. :)

  • Hi @brenty!

    Thanks for your reply! I am running Chrome (Version 66.0.3359.117 (Official Build) (64-bit)) on Windows 10 Enterprise (and Windows 10 Pro at home). 1PasswordX is version 1.6.0.

    Scenario where it works perfectly:
    Url: https://console.aws.amazon.com/console/home (this changes to a long unique link for every user https://us-east-1.signin.aws.amazon.com/oauth?response_type=code&client_id=...)

    Then I click on "Sign In" and get this page:

    As you can see the 1PasswordX logo is present on both pages and fills in all the fields automagically for me so all I have to do is press the "Sign In" button and then directly press the "Submit" button. Which is freakin' awesome!!!
    When I compare the address bar of the first and second page I see that a # has been added to the end of the url on the second page. Otherwise the url is the same.

    Scenario where it does not work as well:
    Url: https://gitlab.com/users/sign_in

    Then I click on "Sign in" and get this page:

    As you can see there is no 1PasswordX icon in the input field and nothing is filled in automagically. I can however click on the 1PasswordX extension (next to the address bar) to open up the list of all my items and there my gitlab info is already highlighted and I can click on "Fill" to make 1PasswordX fill in the one-time password in the field above. So obviously the extension knows what field to fill and what account to use, but does not do it automagically as for aws.

    My guess is that it has something to do with how the pages are implemented. The aws page maybe loads a completely new page and 1PasswordX catches that and knows to fill in the OTP (but it is hard to tell since it happens so fast, so maybe they are just replacing stuff as well as gitlab is doing). Meanwhile the gitlab page seems to only replace the login form with a OTP form.
    Or maybe it is that the extension picks up on the # change that happens on aws to know what it has to do?
    Or maybe the input type differs between aws and gitlab?

    Hopefully this is something that can be fixed so that your extension can be as awesome on all pages as it is on aws :smile:

  • brentybrenty

    Team Member

    @Hjalti: I'm sorry! I didn't mean to make you do so much work there! I would have been happy to test it myself, but I really appreciate all of the added detail. I've filed an issue for this (weirdly, filling is completely broken in the beta) and we'll see if we can work some magic there too. Thank you so much! :chuffed:

    ref: b5x-395

  • @brenty No problem :smile: I love 1Password and have been using it for years. You applications have always worked great and the support I have received has always been superb! Thank you for the reply, and for filing the issue, and let me know if you need more information :smile:

  • brentybrenty

    Team Member

    @Hjalti: Sure thing! And thanks so much for the kind words! Truly the only reason we've been able to make 1Password as good as it is now and continue to work to make it even better each day is because of the support we get from you and the rest of our awesome customers. it means the world to me and the rest of the folks here at AgileBits. :chuffed:

  • brentybrenty

    Team Member
    edited April 2018

    @Hjalti: I just wanted to follow up with you here now that I have a better understanding of the situation. I've got good news and bad news. The good news is that we would like to improve filling in general, especially with TOTP, so you may have your wish someday. The bad news is that AWS is a special case and the same won't work on most other sites. I'll include an explanation below, but I hate to spoil the magic for you or anyone else who might be happier not knowing how the trick works. :)

    1Password isn't doing anything magical. On AWS, the TOTP field is already loaded on the page with the username and password fields, so 1Password simply fills all three at once. When the username and password are submitted though, the page reveals the hidden TOTP field, which makes it appear that 1Password is doing something special when it's just filling everything it can right off the bat. It's still a neat trick, but a bit of an illusion. ;)

  • @benty: Haha, sneaky AWS :smile:
    Thank you for looking into this, and hopefully someday you'll find a way to make it work everywhere, I am sure of it! In the meantime, being able to click on 'fill' in the popup is still way better than what people who don't have 1password have to do (pick up their phone, open up an app, write down code on keyboard) :smile:
    Thanks for an awesome product and as always, wonderful support!

  • brentybrenty

    Team Member

    Hey, thanks to you too for making us second guess this stuff. That's how we'll find cool new solutions. If it helps, I find that the 1Password X keyboard shortcut speeds things up for me a lot — especially with TOTP. Cheers! :)

  • Hello @brenty!

    Sorry to open this old thread again :)

    I noticed the same behavior with "Laravel Forge" (forge.laravel.com).
    In the HTML code of the page I don't see the "token" field before (or I don't see the field, which is of course possible).
    So it looks more like magic to me here. ;)

    Are there any new features? Because that would be very cool. :)

  • Hi @malacay1462,

    I apologise but can I just ask, is it 1Password X isn't picking up on the field and you're wondering if the page is doing stuff in the background or is 1Password filling the field when you wouldn't have expected it to?

  • edited August 6

    Hi @littlebobbytables,

    i'm just curious if anything has changed with 1Password X at the 2FA integration :)

    The spoiler tag mentioned that the field is in the background at AWS and 1Password simply fills all fields one after the other.

    But this is not the case with Laravel Forge:
    Here the login form exists first (which is filled in correctly). Then a page reload is executed and the token field (for one-time password) is displayed.

    1Password X fills out the token field after a page reload without any problems (valid one-time password is used in the field).

    This basically disagrees with the hint in the spoiler tag - because the field can only be seen after a reload.

    So I was just curious if there had been any improvements. :)

    (I hope my English is understandable enough - it's not the best...)

    Thanks a lot for checking!

  • Hello @malacay1462,

    Okay, I think I understand now :smile:

    I don't know when but yes, 1Password X will attempt to fill a 2FA field if it appears as part of a multi-stage sign-in. 1Password X maintains a session so that if it fills the username on a page and then after the next page load there's a password field it assumes a multi-stage sign-in and fills it automatically. If after filling a password field it finds something that looks like a 2FA field and the Login item has a 2FA field it will use that to fill with the current code.

  • Hi @littlebobbytables,

    Thanks for the answer and explanation! That of course explains everything. :)
    A very awesome feature! This makes the whole thing even more pleasant and definitely takes care that you want to save all 2FA integrations in 1Password! :)

    At this point also many thanks for the great password manager - I changed only recently and must say that was by the many features and usage types a great decision. :)

  • kaitlynkaitlyn

    Team Member

    @malacay1462 – I'm glad littlebobbytables was able to clear things up for you! It's an incredible feature indeed. :chuffed:

    We appreciate the kind words. I made sure to pass them along to the rest of the team here at 1Password as well. Thanks so much! ❤️

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file