Adding URLs as I go after import/migration

TurdFerguson
TurdFerguson
Community Member
edited February 2018 in 1Password in the Browser

I feel like this has to be a solved or at least somewhat addressed problem, but I promise I've done lots of searching and come up empty -- everything I'm searching for is common enough to come up with a bunch of unrelated stuff or I'm just unfamiliar with 1Password specific terms since I'm new around here.

Well, anyway, as the title suggests I'm coming from KeePass / KeePassXC. I imported all of my crap which was no bed of roses but I got through it. As I was content to just let KeePass do its autotyping based off window titles, almost all of my Logins in 1Password are just Title, Username, and Password. No URL/"website" field whatsoever.

I realized quickly this did not play well with how 1Password expects things to be in order to fill them in the browser, and unfortunately I'm finding nothing to help me along here. 1Password doesn't seem like it's attempting any kind of secondary matching to bring up an existing login based on anything but the URL field, not even in the "suggested items" bit which only ever offers up identities and credit cards despite having Logins to choose from with the exact same title as the domain I'm on.

Manually searching for the Login and copying and pasting the stuff manually and then trying to save it back by clicking the little button on the fields always results in a new entry with no option to "update existing entry" as I've seen some references to in my searching.

If I have to manually copy the URL I'm at, search up the name of the site I'm already on in 1Pass, click edit, wait for the new tab to load up†, click into the URL field, paste, click save, close the new tab, for every single one of my Logins as I try to use them ... well that's an awful lot of friction for something that doesn't seem like that much of a corner case.

So there's definitely an easier way to do this locked away somewhere, right?

If not and any part of my post is unclear I can provide more details and screenshots/video/whatever but, again, I'm assuming this isn't the first time someone's run across this scenario.

† boy that kind of stinks huh? are y'all working on being able to edit right from the little extension popup? that would probably feel a lot better, might even make the annoyance of having to manually copy the URL out of the address bar myself palatable -- having to deal with a whole new tab makes the whole thing feel like such a chore.


1Password Version: 6.8.6
Extension Version: 1Password X 1.5.0
OS Version: macOS 10.13.3
Sync Type: 1Password

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @TurdFerguson: Thanks for getting in touch! And no worries. This is a pretty complex issue, so I'm not so sure I'd know what to search for either. Ultimately you did the right thing by asking instead of spending a lot of time looking, as we'll either already have the answer...or if we don't it's probably something worth looking into anyway. ;)

    Now, I have to say that, in my experience, this really is a very narrow edge case as, to the point where I don't think I've ever heard of anyone else having a large number (all?) of their logins without URLs of any kind. There are a couple of reasons this is a bit of a non-starter for us here, though I do hope 1Password can be more flexible in the future...but that's a whole can of worms as you'll see:

    First, the 1Password apps cannot, for the most part, fill outside the browser. There are exceptions to this (iOS extension, Auto-Type on Windows), but generally speaking browsers are the only ones allowing us integration to be able to save and fill.

    Next, when we're talking about 1Password X, that works solely within Chrome, so there's no way for it to do anything outside of that with other apps. That's just part of the browser security model, and that's pretty important for ensuring that we're not all hosing our systems just by going to a website we shouldn't.

    Finally, another security consideration — and a pretty important one — is phishing. 1Password is very strict about only offering logins matching the URL so that we're not getting tricked into filling our login credentials in dumb places, or falling prey to more sophisticated attacks using unicode domains which appear the same as legit sites visually but are controlled by malicious parties.

    So, as you can probably guess from all of this, there's good news and bad news. The bad news is that there really isn't a solution to this specific problem other than to power through it and get your stuff together.

    I think the way you're doing it as you go is the best so you won't go insane trying to do it all at once. And unfortunately the only way to be sure that your logins are associated with the correct URLs is for you to add them yourself. 1Password could theoretically be taught to guess and could probably get it right with the most popular sites, but guessing wrong could be disastrous. I like to think I'm better at this than a computer, but when people give only a website name and no URL, I find I'm often struggling to determine which the right URL might be.

    The good news is that we are working toward being able to edit right within 1Password X and generally making it as full-featured as technically possible. Thanks for your feedback on this, and also giving us some additional food for thought with regard to where you're coming from. I'm not sure that's a use case we should design around, but it is helpful to know that there are folks out there with logins completely disconnected from websites, which is generally our assumption.

  • TurdFerguson
    TurdFerguson
    Community Member

    Daaang not even some fuzzy matching to suggest a match (like in the "suggested items" part) just so I don't always have to type in the first few letters?

    This'll be a long road. Oh well, thanks for your reply.

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited February 2018

    @TurdFerguson: I hear you. And I'm sorry I don't have a magical solution for you here. The concern is that we really don't want 1Password deciding what is and is not a valid match in a "fuzzy" or otherwise non-binary fashion, as that's a great way for people to fall prey to scams by not paying close enough attention. As I mentioned above, in many cases, URLs can even look completely identical to the user, so in that case we're all completely reliant on 1Password not allowing any leeway, as there's no easy way for us as humans to differentiate between apple.com and аррӏе.com (unless your browser has been updated to display the IDNA version instead), and that's just one example. Very distinct Unicode characters can look identical, and we haven't seen the last of scams taking advantage of that. :(

This discussion has been closed.