1Password not recognising login change on multiple sites

Hello,

I was just changing a login information for multiple sites (including Facebook) and unfortunately 1Password never recognised that the login has changed and did not ask me to update the login for the page. The only "non-standard" change I did is, that I actually didn't change the password, but I changed login (email).

When I tried to update password, everything worked well (tried on Facebook).

Can you please take a look on that?


1Password Version: 6.5
Extension Version: 4.6.2.90
OS Version: OSX 10.12.1
Sync Type: Not Provided

Comments

  • Greetings @ondrejfuhrer,

    Currently 1Password will only offer to update a Login item when we recognise a password change form has been submitted or offer to save a new Login item when we see a password that isn't recorded in your vault for this site. Everything is based on the password, in part due to the higher confidence we can have at the presence of a password field. While I would not profess to be an expert in this area by any means I would imagine part of the issue is how to deal with the possibility of false positives given there is often no clear way to identify a username field from other text fields. Unless it was amazingly accurate, and it would have to be fantastically so, the false positives would drive people absolutely nuts. Even a small error would likely lead to numerous issues due to the prevalence of text fields on pages.

    It would be nice if 1Password could be this smart but I don't know how feasible it is.

  • Hello @littlebobbytables ,
    thank you for your reply. I get the reason why it works this way and it is understandable. But I think that it is actually solvable. Of course it is hard to find out the change when I actually change the email (some email change form), but what can be done in my opinion is, that once I actually use the login to that page (so there is actually only username and password submitted), the change popup should be possible to trigger. What do you think? Of course I don't know how exactly that is triggered, but that seems to me like a solution that would work.

  • Greetings @ondrejfuhrer,

    It's something to consider but there are so many variables that I do worry about false positives. Even saying only check on the login page has complexities to it. Does it only happen when the URL stored in the Login item is a precise match for the open page? What about sites that have some sort of dynamic aspect to the URL? sites with multiple points of entry. People are likely to be more annoyed at something unless it works everywhere perfectly than the absence of a feature. The more it opens up though the more traps and pitfalls have to be checked for.

    I'm not saying there isn't potential value in what you're asking for and I don't want sound like a pessimist. Indeed I would be more than happy if a dev popped in here and said "actually I think this is very doable" - I'm happy to be proven wrong. It's just I know how much we have to battle just to get regular filling working in some places because of the quite frankly byzantium designs out there.

    If it could be made to be reliable it would be a useful feature. My doubt is still whether it can be made reliable enough. Here's to me being wrong :wink:

This discussion has been closed.