domain matching is too broad for autofilling passwords

i was consolidating some logins today, and noticed something strange.

if you enter subdomain2.foo.com in a "website" field for a password item, and subsequently attempt to login to subdomain1.foo.com, it will autofill the password from subdomain2.foo.com.

imo, this is too broad. if i specifically put a subdomain for a password item, i don't want that password filled on other subdomains hanging off the same suffix.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • ag_kevinag_kevin Junior Member

    Team Member

    Hi @clenart ,

    In the Preferences, there is an option called "Allow filling on pages that closely match saved websites." Have you tried toggling that feature? That may be what you are looking for.

    Regards,
    Kevin

  • i have this option disabled, and this issue still reproduces.

  • Hello @clenart,

    If there is no exact match for the subdomain 1Password will fill using a closest match if there is only one entry and I think this is what you're referring to. I don't see this changing though as it would likely only make it harder for the majority of our users who don't care about things like subdomains.

    If you have unique entries for multiple subdomains then the fill current page keyboard shortcut ⌘\ will always use the correct one, it only looks further if there is no exact match present. 1Password will offer to save on other subdomains as well assuming the passwords used on each login page are unique.

    I apologise that this probably wasn't the answer you were hoping for.

This discussion has been closed.