1Password not working with Bank of Melbourne

Hi,

1Password seems to have stopped recently working with my bank (Bank of Melbourne). The login page I'm using is here: https://ibanking.bankofmelbourne.com.au/ibank/logonAction.action

When I try to use 1Password to login it fails with the message: 'The System is currently unavailable. Please try again later. We apologise for any inconvenience caused.' I get the same result whether I manually browse to the login page and use Ctrl+\ or whether I just click on my Bank of Melbourne bookmark within the 1Password browser extension.

I can, however, login without a problem by opening up the 1Password application and copying the passwords over from their. Or presumably I could manually type the passwords in, except that I don't know them which is the whole reason I have 1Password in the first place ... So, anyway, the message about the system being currently unavailable is clearly wrong.

I'm using Firefox on Windows 10. I've checked that everything is updated to the latest versions.

Any help would be great.

Thanks,
Andrew


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • PilarPilar

    Team Member

    Hi @andrewdw,

    I'm sorry about this annoying issue. I've done some testing on the page that you mentioned and it looks like they have recently added some extra features to keep you from using password managers. For example, if I save the login the information sent to 1Password is different from what I typed in. Given that this is a feature built into the page by your bank we can't really bypass it. However there are a few things that you can do to make using the page easier in the future. The first thing that I notice is that the card number and issue number are correct. You can edit your entry to "Never submit", and you'll only have to copy the Security Number and Internet Password by hand. Remember that the anchor on the left bottom corner will let you keep the item visible.

    This article will give you further ideas on what to do with pages that don't work well with 1Password: https://support.1password.com/copy-passwords/

    Please let us know if this helps you and if there's anything else that we can do for you :chuffed:

  • MikeTMikeT Agile Samurai

    Team Member

    Hi @andrewdw,

    Just an FYI, I've moved your thread to our Saving and Filling in browsers forum, so our extensions team can review this and see if they can add improvements to the extension to help with this.

  • jxpx777jxpx777 Code Wrangler 1Password Alumni

    Hi, @andrewdw. This is an interesting one and luckily it's only the second one I've seen like it. Honestly, we haven't figured out how to deal with this situation yet. The site is clearly changing the values of the fields so that 1Password captures the wrong values. @Pilar's tips are good ones, but I would also be interested to see if you can edit the incorrectly saved values and see if the site accepts them then. To do this, create a new item for the page manually. Then, locate the item in 1Password, edit it, and update the password fields in the web form details section to the real values rather than the scrambled ones provided by the site. (The password fields should have clear labels of securityNumber and password but if not, they should be in the order that they are presented in the page.) Then, save the item and try to fill it again.

    At a guess, I'm thinking that this won't fill properly but I would love to know for sure. It fills for me here, but without a valid account, I can't be sure if the filling is correct for the site to allow you to actually sign in.

    Let us know how it goes!

    --
    Jamie Phelps
    Code Wrangler @ AgileBits

  • OK, thanks all three of you for your help.

    Pilar's suggestion of copying over the details that don't auto-fill works, and it's what I've been doing. So it's a workaround but it's painful!

    Jamie - I don't know if it's good news that there's only two sites in the world with this problem or bad news that my bank is one of them!

    Anyway, here are the results of some further testing as you suggested:

    I created a new saved login manually using the steps on the page you linked to. As Pilar said it saved the userId and issueNumber correctly but scrambled the securityNumber and password. I then tried to login with the new saved login which obviously didn't work but interestingly gave a different error message: "One or more of the input details are invalid. Please check your details and try again."

    So, then I edited the new saved login to the correct details and I was back to the original problem with the "System unavailable" message. I've got no way (that I can think of) of knowing whether 1Password is auto-filling the correct values (because they just appear as dots) but the correct values are saved.

    So, I think the site is somehow detecting that the fields are being auto-filled and gives the "system unavailable" message (as well as detecting when 1Password is trying to save a login and scrambling the saved passwords).

    Does any of that help?

    Andrew

  • Hi @andrewdw,

    I believe your bank is performing some maintenance right now so I'll have to check the login page out later. I've got a couple of theories but need to see the page first. So I need to remember to take a look tomorrow when they should be finished.

  • edited May 2016

    Hi,

    I’m having the same problem with The Bank of Melbourne. I manually entered the data saved in 1Password and I successfully logged in. When prompted by 1Password to save it as new password information or overwrite the existing I saved it as new. Checked the new passwords and they were random. Needless to say, I can’t log in with this new data either.

    I sent a tweet to The Bank of Melbourne and their response was “Currently we do not endorse third party password managers.”

  • Thanks Jeff - at least I know it's not just me then.

    @littlebobbytables - Did you have luck with your theories?

  • jxpx777jxpx777 Code Wrangler 1Password Alumni

    @andrewdw Not yet. LilBobby and I have different weekends (mostly so we can make sure customers' questions don't go unanswered for days), so I'm just now having some coffee and trying to get caught up on this Memorial Day. :)

  • edited May 2016

    I forgot to add my setup to my comment above: Mid 2010 iMac; OS X El Capitan 10.11.4; Safari 9.1; 1Password 6.3

  • brentybrenty

    Team Member

    I sent a tweet to The Bank of Melbourne and their response was “Currently we do not endorse third party password managers.”

    @jeffchristesen: I don't think anyone's asking for an endorsement, but not mangling people's passwords would be nice. :lol:

    I'm seeing (apparently) similar results on both OS X and Windows. Perhaps @littlebobbytables will have some additional insight on this...

  • jxpx777jxpx777 Code Wrangler 1Password Alumni

    In this other thread about Bank of Melbourne, we've pretty well figured out what the problem is and there's not an easy solution to it. It will require some more consideration to make sure we get it right without fouling up the rest of 1Password's form filling.

  • Hi @andrewdw,

    Sorry for not getting back to you and thanks for the nudge, my memory can be terrible at times :(

    Given everything we've learned about this site since the conversation started and because you're on Windows there is a way you can kind of get 1Password working but I'm not sure if it's an improvement over copy and paste.

    1Password for Windows can make use of something called Auto-Type. It's a way for the 1Password application to instruct Windows to impersonate the keyboard (if that makes any sense), basically bypassing the extension. For weird sites like this it means the username and password appear to be typed out character by character and because of how the page works it should work. If the site had been a single username and password field this could have worked out for you at least (but not anybody on the Mac). The reason is 1Password for Windows allows you to set a Login item to always use Auto-Type instead of filling using the extension. You would ensure focus is in the username field and then just use the fill command as normal. If you set up a Login item with the card/access number as the username and the security number as the password field you could set it to always use Auto-Type and 1Password for Windows would fill the first two fields. The problem comes down to the third field. You could set up a second Login item that also uses Auto-Type and instruct it to fill just the password but in the end is this an improvement over copy and pasting? If you believe it is and want to know more then we have a page that talks about auto-type which is available at Using auto-type.

    What you would want to do is set up the first Login item with your card/access number and security number and have it use Full-time auto-type. The second Login item would store the Internet Password and you would use Field-level auto-type with this one.

    It's certainly not optimal and if Jamie can find a way for us to work better here that's definitely the route we need to go as it would benefit both platforms and remove the massive clunkiness of what I've talked about above.

  • OK @littlebobbytables, now it's my turn to apologise for taking a while to reply - sorry took me a while to find the time to sit down and try your suggestion.

    Anyway, your suggestion works but as you say it's not really any better than copying and pasting.

    As you say I had to create two 'Bank of Melbourne' items in 1Password. The first has the 'Card/Access Number' and 'Security Number' fields, the second has only the 'Internet Password' field. I enable auto-type on both of them. I then browse to the login page and press Ctrl+\ and a popup menu shows the two logins I have saved - so I select the first one and the first two fields are correctly filled in. If I choose the second one it fills the third field but incorrectly. Instead I have to open the 1Password program and press the auto-type in the second saved login. That works, but it's not better (and I think probably even clunkier) than just copying and pasting.

  • jxpx777jxpx777 Code Wrangler 1Password Alumni

    Thanks for trying that out, @andrewdw. I'm exploring some wild ideas for how to handle these sites better, but I don't want to say more right now since I don't know if it will pan out just yet.

  • ChubalooChubaloo
    edited June 2016

    Hi all,

    I'm unsure if i should start a new thread about this, or dump it here, i decided on the latter.

    This bank https://online.bdo.com.ph/sso/login is also doing the same as OP, but even worse they are now blocking the ability to paste the password in. If you disable Javascript to allow you to paste the password then you cannot use the login button.

    So the only solution right now is to type the password in (i'm on a mac so can't use auto-type). I appreciate that this is by no means the fault of 1Password, but hopefully will help you guys find a solution to sites that do this.

    Thanks

  • brentybrenty

    Team Member

    @Chubaloo: I'm sorry for the trouble there! Thanks you for reporting this. Hopefully we'll be able to find some means of working around it. Having an Auto-Type feature on OS Xwould be awesome, so perhaps if we're able to do that in the future it will help in this and other cases as well!

  • themavericktraderthemavericktrader Junior Member
    edited June 2016

    Oh my, I have been having this issue now for the past few months and its driven me absolutely crazy..

    To clarify I'm on an el cap 5k iMac and have an account with a sister bank in question, in Adelaide. I did tweet the company about it and they said to use the bank of Melbourne or another site for testing and the problem happened at all three.

    I'm thrilled to a degree that others are having the same issue..

    Sorry x

  • PilarPilar

    Team Member

    Hi @themavericktrader,

    I can feel your frustration, and thank you for contacting your bank about it! Keep an eye on the updates to see if we've found a way around it! :chuffed:

  • Hi guys,

    I know this isn't exactly the solution for 1Password, but i was reading this post - https://www.troyhunt.com/the-cobra-effect-that-is-disabling/ - on the matter, and one of the comments stated...

    "Firefox has a setting which allows you to disable hooking of the oncopy/oncut/onpaste events.

    Discussed in bug 542938 back in 2012: https://bugzilla.mozilla.org/show_bug.cgi?id=542938

    Which gives us an about:config setting of dom.event.clipboardevents.enabled
    Details: https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/dom.event.clipboardevents.enabled

    There's plenty of bugs related to copy/paste in the Chromium bug tracker, but can't find any feature requests to turn it off.

    I'll leave it as an exercise for others to figure out if it's in MS Connect."

    I can confirm that this workaround works with BDO bank I talked about earlier.

  • jxpx777jxpx777 Code Wrangler 1Password Alumni

    That's interesting, @Chubaloo. I don't think this is something we want to tinker with, but I do like that Mozilla expose this setting!

  • @jxpx777 Yeah it's a 'hack' at best, and disabling the paste capturing in FF also makes Facebook a little funky when tying to paste anything in. Hopefully you guys can find a graceful way to get around this issue in the future.

  • brentybrenty

    Team Member

    We'll certainly keep trying. Thanks for the encouragement! :chuffed:

  • lm_jolm_jo
    edited May 2017

    Looks like the bank has changed their login page to be password manager friendly.

    I can confirm that the login page of Bank of Melbourne is now working with 1Password perfectly.

  • brentybrenty

    Team Member

    Awesome! Thanks for letting us know! That's good news indeed. Though that probably means the weekend is over where you live, you should celebrate nonetheless. Cheers! :lol:

This discussion has been closed.