Cannot retain login details

Hi @paynni ,

Could you please let us know the URL of the site that's giving you trouble? We'll be much better able to help when we can see what you're seeing.

I would also appreciate it if you could include the version number of 1Password that you're using, and on which browser.

Thanks for your help in tracking this down!

Hi @paynni,

Thanks for the URL! When I go there and click the "Log In" button, it takes me to https://www.nwolb.com/default.aspx?refererident=[long string of characters, plus date & time]. On that page, it asks for a Customer Number (which the "Need Help?" popup says is 10 characters, like you mentioned). I don't have a real account for that site, so I made up a random 10-digit number and followed Step 1 in this knowledgebase article to create a Login item.

At that point, I can refresh that page and use the ⌘\ keyboard shortcut to have the 1Password extension fill the Customer Number field (I can't get past that point, of course, since I don't have a working account there). Are you able to get that far, so you have a Login item that is able to fill the Customer Number on that page?

The next steps will depend on whether or not that works for you, so please let us know how it goes, and we'll be able to continue from there. Thanks!

Thanks @paynni! Ok, so Step 2 of our instructions to create a multi-page Login, will have you fill the field on the next page (which you said is a 3-digit PIN code) and update the Login item you created in Step 1. After you follow those steps, try refreshing that page and see if the 1Password extension will fill your PIN code in that field (you might need to go back and start with the first page that asks for your Customer Number). Does it work for the first and second pages of the login process? Keep in mind that you'll need to invoke the 1Password extension once on each page.

If your Login item works for the first two pages (Customer Number and PIN), you can try repeating Step 2 for the third page (i.e. your password), although you will likely run into a problem with that. The steps to create a multi-page Login item often work for sites that have a2-page login process (such as a username on one page and password on the next), but for a 3-page login process, you'll probably need to create two or three Login items (as described in the "Help" section at the bottom of these instructions).

So in other words, you may need to create one Login item for page with the Customer Number, a separate Login item for the page with the PIN code, and another separate Login item for the page with the password. Or, you might be able to have one Login item for both the Customer Number and PIN, and a second Login for the password.

I hope that makes sense! I'll be happy to go into further detail if you want. Just let us know how it all goes and what happens with the PIN code and password pages (I'd test myself but I don't have an account for that site). Thanks!

Hi @paynni,

There is no gain to be had really in using 1Password for the first page but ⌘\ is easier to use than typing in your customer number. I do use 1Password here as I have both personal and business accounts with the RBS so I have 1Password remember the two different numbers for me.

We do have something currently brewing in the 1Password for Mac beta where we try to make it a little easier for the user in these instances but it's a manual system where we display the password in large type, using colour to help distinguish letters, symbols and numbers and annotate each one with the index. I haven't used it much yet but it might make it easier for those with longer passwords (which is good security) to cope with these types of sites. I suspect we'd need to see a standard approach to this kind of login page before we'd be able to do anything in a more automated fashion that would work well. If it's automated we need to make sure it's reliable otherwise it would be even worse than manual.

To be brutally honest, I believe better security would come from sites like this not using such a system and here is why I believe that. At one point a users computer was the weak point, the primary target of the bad guys out there. I can see how such a system might help limit the damage given the user would have to interact with the site a lot before somebody snooping on the users computer could gain the full password. What we see more of these days though are sites being targeted so that the bad guys can run off with the entire password database. In that world, I have to ask myself, how exactly is my bank keeping my extra strong password safe where they can confirm individual characters? In my mind that can't be good. Sorry for the mini rant, this one is usually stewing in the back of my head.

I still store all of the information required to log in inside 1Password simply because part of what makes 1Password essential for me is 1Password doesn't forget while I have locked myself out of one of my accounts before. That's when I realised that even if 1Password can't automatically fill, there is very good reason to keep the information there anyway.

If you have follow up questions do please ask! :smile: