Google Chrome - phantom login entries

Dan Ortego
Dan Ortego
Community Member
edited December 2010 in 1Password 3 – 7 for Mac

RE: Version 3.5.4.BETA-1 (build 30818)

After months of beta testing ‘Google Chrome’ I decided to start using ‘Chrome’ exclusively and shelve Safari. Almost immediately, I noticed that 1P in conjunction with Chrome is generating multiple logins’ for “website.com” with the short name of ‘login’. This is showing up in the Chrome/1P browser and not in the 1P application itself.

I have no idea how or why this is happening but it looks like a huge security hole. For what its worth, I have never visited 'www.website.com' so this is partially why I believe the auto-entries may be malicious. Yes I know it could be something benign but I’m a bit worried. Hopefully some Agile staffer will read this and respond.

Regards,
Dan

Comments

  • Dan Ortego wrote:


    RE: Version 3.5.4.BETA-1 (build 30818)

    After months of beta testing ‘Google Chrome’ I decided to start using ‘Chrome’ exclusively and shelve Safari. Almost immediately, I noticed that 1P in conjunction with Chrome is generating multiple logins’ for “website.com” with the short name of ‘login’. This is showing up in the Chrome/1P browser and not in the 1P application itself.

    I have no idea how or why this is happening but it looks like a huge security hole. For what its worth, I have never visited 'www.website.com' so this is partially why I believe the auto-entries may be malicious. Yes I know it could be something benign but I’m a bit worried. Hopefully some Agile staffer will read this and respond.

    Regards,
    Dan



    Hi Dan,

    First, don't worry, I don't think that it is anything malicious, only because "www.website.com" is the URL that we used to use by default for manually created new logins. When we discovered that there actually is a real website and login form at website.com, we changed to using example.com, since that is the purpose of http://example.com anyway.

    Personally, I have never seen what you are referring to in the Chrome extension, and I also just recently switched my default browser to Safari. Could you attach a screenshot for us?
  • Dan Ortego
    Dan Ortego
    Community Member
    edited December 2010
    RobYoder wrote:

    Hi Dan,

    First, don't worry, I don't think that it is anything malicious, only because "www.website.com" is the URL that we used to use by default for manually created new logins. When we discovered that there actually is a real website and login form at website.com, we changed to using example.com, since that is the purpose of http://example.com anyway.

    Personally, I have never seen what you are referring to in the Chrome extension, and I also just recently switched my default browser to Safari. Could you attach a screenshot for us?


    Hi Rob Yoder,
    Ok, here is just one shot although theses are scattered in other places within the Chrome extension.

    Hmm, can't seem to paste it in correctly. Perhaps you can look up my forum email address and send me a tag message, then I'll reply with the image that way.

    BTW: I just switched my default browser to Chrome as I found Safari is considerably slower. Besides, the 1P extension displays the information in a cleaner manner so go figure.

    Dan
  • Dan Ortego wrote:

    Ok, here is just one shot although theses are scattered in other places within the Chrome extension.

    Hmm, can't seem to paste it in correctly. Perhaps you can look up my forum email address and send me a tag message, then I'll reply with the image that way.


    OK, I sent you a message. Thanks, Dan!
This discussion has been closed.