Ignore TFA Field for USAA

This request is based off of https://discussions.agilebits.com/discussion/75887/1password-should-not-prompt-to-save-update-the-password-when-a-3d-secure-code-is-typed-in.

I bank with USAA, and logging in requires a two factor auth step. When I insert this TFA code, from an SMS not generated locally in 1Password, I am prompted to update my password for the website. Could you please update the extensions to ignore this field?

I primarily use Safari, however this also occurs in Chrome.

The password input field HTML is here:

<input type="password" style="margin-left: 10%;height: 25pt;width: 100pt;margin-top: -7pt;border-radius: 5pt;border: solid 1pt;border-color: #076a93;font-size: 200%;" autofocus="" maxlength="6" size="10" value="" name="securityCodeentryTable:securityCodeentryTable_body:code" id="id29">

This does not appear to be within an iframe. The URL of the page is https://www.usaa.com/inet/ent_auth_otc/otc/securityCodeApp?0&acf=1. You have to have already used your username and password to reach this page.

A screenshot of the page is here:

1Password Version: 6.8.6
Extension Version: 4.6.12
OS Version: 10.13.2
Sync Type: Not Provided


  • brentybrenty

    Team Member

    @milsyobtaf: Thanks! It's something we'll look into. The main concern is that, in general, having 1Password not offer to save is a Bad Thing™. So in most cases our efforts are to make sure it does offer, and let the user decide when they don't want that. With that in mind, you can click the "gear" icon in the autosave prompt to tell 1Password never to autosave there in the future (you'll still be able to manually save a new login though), or add an exclusion for it in 1Password Preferences > Browsers. I've saved all of this information in the issue I filed too, so you can delete the screenshot from Dropbox if you like. Thank you for sharing the details! :)

    ref: opxi-71

  • @brenty That makes total sense. Thanks for looking into it! I didn't realize what the autosave toggle would do, but that sounds like a reasonable workaround.

  • daltondalton

    Team Member

    That's great to hear, @milsyobtaf! I'm glad the workaround that brenty suggested works for you. Let us know if you have any follow-up questions! :)

This discussion has been closed.