Exact URL matching

2

Comments

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Hi @wiserweb,

    As a developer I'm sure you understand that for there to be any hope of change we need to understand how the current approach fails. If I were to go to the developers and say you're unhappy with the current UI and consider it bug and offer nothing in the way of detail or explanation the best I can hope for would be a "duly noted" and nothing more. I couldn't blame them either because the argument is too vague.

    As it stands 1Password displays all matches to the registered domain name. Matches to the FQDN and any items flagged as a favourite are elevated to the first section and the rest below in a section of related items. Exceptions to this are based on the Public Suffix List. Given FQDN matches are always elevated above related matches what is it about the current UI that is impeding speedy identification of the desired Login item?

    I do feel it's worth pointing out that 1Password has always made related items available, previously there were hidden behind a first level menu item titled Show xxxxx more items, all we're doing now is making them a bit more visible in the default view because the Suggested Items is a first level menu option now. The one option that altered 1Password's behaviour was removed because quite frankly it caused more hinderance than good so for the greater good it was removed and I'm not sorry to see it go. We can't simply add more configurable options whenever there is a request, not even if we cheat and hide behind the word Advanced. The more options you throw in the more it risks becoming unwieldy and as it stands the learning curve is too steep for many people (which is on us to correct).

    My intention is not to discount you but to impress on you the need for detailed arguments as to why something isn't working. Detailed justification will always get us further in the debate which will need to happen if there is to ever be any change. You're quite right of course, reaching the right answers from the wrong questions is almost an impossibility so if we don't understand we need you to help us see your viewpoint. Then if we still have questions we're hopefully in the position to ensure they are the right questions.

  • AGAlumB
    AGAlumB
    1Password Alumni

    It just feels that you're telling me that 1Password is the wrong tool for me as a developer as it's designed for 'broader usage' since it benefits more those 'people'.

    @wiserweb: Not at all. Just keep in mind that your use case isn't the only one that counts. Something not being exactly the way you want it to doesn't equate with "degraded experience". We need to consider all 1Password users, not just you. As a developer, I'm sure you consider all of your users, not just self-anointed "power users".

    As I explained, for server.domain.com, the list should not show projects.domain.com as a login option. Period.

    Why not? I've given a few concrete examples of why it doesn't work like this already, and I could come up with many many more as well. While it may be what you want for your specific use case, that isn't true of most users. I don't think it's reasonable for us to change this behaviour for everyone for a small number of people, especially since the exact match will be at the top for you and you can ignore the rest. At least that's what I'm seeing in my usage. You still haven't answered my question about whether you're seeing something different. That would be a bug worth investigating.

  • wiserweb
    wiserweb
    Community Member
    edited August 2018

    @brenty @littlebobbytables

    Many users are logging into applications that share a root domain, it's not just developers.

    There are many application that are installed for users that have hosting plans. Here's an example of a small business that is using several popular hosted open-source tools, they are the typical users:

    -vtiger.domain.com (For CRM)
    -project.domain.com
    -billing.domain.com
    -gitlab.domain.com
    -stats.domain.com (for pwiki)
    -cal.domain.com (for caldav)
    -nc.domain.com (for Nextcloud)
    -app.domain.com (CNAME to SaaS App)
    -webmail.domain.com
    -panel.domain.com
    -server1.domain.com
    -mail.domain.com
    -ftp.domain.com

    Small businesses worldwide are using similar setups when they purchase their domain names. Small business represent 99% of new businesses created and are the engine of the economy.

    Should small business owners and employees see every login credentials as an option when they are logging into gitlab.domain.com or projects.domain.com?

    If these users are less sophisticated than developers why are they being offered unusable login credentials for a sub-domain? Isn't the current design logic more confusing?

    If this is the intended behavior of 1Password then I respectfully disagree that this is user friendly on the first count, on the second count that this 1Password being able to distinguish from two distinct sub-domains is in somehow anyway an Advanced feature and on the final count that these issues I bring to your attention are unique corner cases.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @wiserweb: Again, are the exact matches not showing up at the top for you, so that they're at the top, clearly delineated from the others, and just a keystroke away from being filled?

  • wiserweb
    wiserweb
    Community Member
    edited August 2018

    @brenty

    It's not clear to me why cal.domain.com has precedence over gitlab.domain.com. Is this how it's supposed to work?

    And why would any user be interested in seeing a whole list of partial matches that are irrelevant to the current context of the task at hand?

  • AGAlumB
    AGAlumB
    1Password Alumni

    @wiserweb: You're using 1Password X, not 1Password for Mac or Windows (which this discussion is about). 1Password X is separate, relatively new compared to the desktop apps and their extensions, and does not have the feature we're referring to (and attaching images of) here, but I do believe that's on the agenda for a future update. If you're using 1Password for Mac or 1Password for Windows, you can use the desktop extension to get this behaviour now:

    https://1password.com/browsers/

  • leopard_shark
    leopard_shark
    Community Member

    I'm currently evaluating 1Password as a replacement for Bitwarden, which I'm somewhat dissatisfied with. This is the killer feature that is preventing me from quickly switching everything over for myself and my family today (just found this post by googling for a solution t o this problem). Not only do I have 10s of unique logins on my corporate domain at work, but I also have a bunch of stuff hosted on a server at home, all behind a reverse proxy on my personal domain. Being able to get your domains set up so that you can always directly fill the login you want every time is sooo nice (and pretty much required for dealing with sites that use HTTP basic auth, which are all over the corporate world).

    I do have to admit that I'm also a professional software developer, and thus fall into the same vocal minority of users on this thread I suppose. That said, given the ease with which Bitwarden handles this, I'm having a hard time accepting the arguments against the feature. I'd recommend checking out your competition here and taking notes. It doesn't have to be confusing - just hide it behind an "advanced options" section and/or throw up some scary warning text that says "don't change this if you don't know what you're doing".

    Bitwarden simply implements a drop-down next to the URL text box with the following list of options: "default", "base domain", "host", "starts with", "regex", "exact" and "never" (see screenshot). Multiple URLs are allowed. This covers pretty much any scenario imaginable. I'm sure most users will always leave it at the default, but it's invaluable to people in my position, and I can hardly imagine someone complaining that it's too complicated and asking for the features' removal.

    I love most of what 1Password offers, so I hope the team will reconsider their stance on this issue.

  • ag_sebastian
    ag_sebastian
    1Password Alumni

    Welcome to the forum, and thanks for checking out 1Password, @leopard_shark! :)

    Thanks so much for your detailed feedback, as it really made sense to me (not that other feedback didn't, but I just joined this topic). I've shared your thoughts with the rest of the team, but I can't guarantee when or if we'll implement something like that. I wish I could have a more straightforward answer for you, but this is the best I can do for now. We'll certainly continue to gauge interest for the feature. :)

  • leopard_shark
    leopard_shark
    Community Member

    Thank you for getting back to me so quickly @ag_sebastian ! I appreciate your response, and that you're at least considering my feedback. I'll keep an eye on this thread while I continue evaluating the product for my family.

    I hope you had a great weekend!

  • AGAlumB
    AGAlumB
    1Password Alumni

    Same to you and your family! Thanks for taking the time to check out 1Password. If we can find good ways to surface more advanced features -- and the spare cycles to add them -- without negatively impact those not using reverse proxies, etc., that could be win-win. :)

  • timby
    timby
    Community Member
    edited February 2019

    I'm new to 1Password and am currently in a trial period. So far I love most of what I see...except this one feature. I also have multiple logins for the same base domain (for multiple sites). I think placing subdomain matches at the top is a good start, but I would really like to see this expanded.

    My vote goes for what @leopard_shark has recommended. I understand how "advanced options" may confuse some people, but I think you should cater to both the basic users and advanced users, to a point. This particular feature is the big missing item for me.

    As an alternate (or supplemental) feature, could you also put "exact matches" at the top of the list, similar to how you put subdomains at the top? For example, let's say I have different logins for company.com/login, company.com/app1/login and company.com/app2/login. If I'm on company.com/app2/login, could it be shown first, same as how a subdomain match is shown at the top (and not auto filled)? I think in most cases this will be the desired login, but if it's not, it still allows the other logins to be selected.

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Greetings @timby,

    Getting the balance right is tricky and I'm not about to suggest what we do today is the right answer. I can see why if a person has a number of web services all hanging off the same domain and only differing by the path that they'd like to see this. The trouble is we also see plenty of confusion over the ordering as it is even with the more simplistic rules. How many might benefit with the more complex rules over additional confusion generated as a result. I don't know what the right answer is but sometimes the best we can do is make sure it works for the most typical cases and that may mean it isn't perfect for everybody.

  • emiliano_santucci
    emiliano_santucci
    Community Member

    Hi,
    I've read whole discussion and, as developer, have some dubt about UX, but is only my opinion.
    As buyer of this service I have to ask you if it possible to search, inside the app, the URL context because is, for us, is a must have feature to organize rightly the logins items.

    Thanks

  • ag_sebastian
    ag_sebastian
    1Password Alumni

    Thanks for your vote, @ribero, I'll share your thoughts with the rest of the team. :)

    @emiliano_santucci When you search for an item, we check for data within items. Let's say you have the following URLs:

    • test1.domain.com
    • test2.domain.com/login
    • test3.domain.com
    • test4.domain.com/login

    If you search for login, both test2.domain.com/login and test4.domain.com/login will show up. However, if you search for test2 login, the result you get will be test2.domain.com/login. Let me know if you have any further questions. :smile:

  • emiliano_santucci
    emiliano_santucci
    Community Member

    Hi @ag_sebastian,
    thanks for your response. I've tried your example on my 1Password 7 (rel. 7.2.4) with no success.
    In my case there are following link (in website section):
    1. http://localhost:8080/
    2. http://localhost:8080/test
    3. http://localhost:8080/stuff
    4. http://localhost:8080/test/subtest

    If I search test inside the search bar:

    I'm in error?

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    I'm definitely no expert on how searching works but I think we do some sort of hash or similar for the registered domain name and FQDN (Fully Qualified Domain Name) as well as things like the title but it would probably require asking a developer for a specific platform how it works there. I don't believe 1Password does anything for the path component of the URL and I would suspect there may be performance concerns.

    Getting the balance right so that something is friendly enough for those less technically inclined whilst still offering use for the power users is and will probably always be a challenge. If we added a preference each time we needed to ensure a new feature didn't affect too many people we'd be hip deep in checkboxes and that impacts the already steep learning curve. There are programs I use where I can never remember which of the 5 difference places preferences are stored I need to for a particular thing and that can risk make a program impenetrable.

    1Password hasn't always only grouped by only the subdomain, we moved to that after whatever we used to do caused more problems than it helped solve. That doesn't mean we've got it right yet but it isn't that we decided on this on day one and we believe this is the only approach. We do have a strong opinion on the addition of new configurable options (only as a last resort) so I do believe it will be more about finding a way to fine-tune the default behaviour.

  • PSiAU
    PSiAU
    Community Member

    +1 to this. I have quite a few logins which share the same domain name but run on different sites. Eg blah.com/site01, blah.com/site02. While I might not be a typical user (i'm a devops engineer), I setup sites this way and my customers ARE normal users and they are affected by this. And before you suggest it, no, i'm not about to change the way I setup sites just to accomodate 1Password.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Okay. :)

  • tm_
    tm_
    Community Member

    Hi! Yet another developer/devops guy chiming in. I would prefer to have some sort of advanced option to force exact url matching for specific logins. But if that does not happen, could you at least consider looking at the subpath when sorting the exact matches?

    My case:
    https://service.example.com - login: user
    https://service.example.com/?admin - login: adminuser

    I have two different logins saved in 1P, with the respective exact url. Yet, "adminuser" appears as the first item in the list for both urls. I'm of course able to manually select "user" for the normal service login, but in my opinion you would create a better user experience by also taking the (lack of) subpath into account when sorting.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Thanks for the feedback -- especially the specific use case. :chuffed:

  • simbookee
    simbookee
    Community Member

    +1 for this feature. I'm using 1Password since it came out. But it is becoming more cumbersome to scroll through lists of passwords belonging to the same domain / subdomains. Some domains I manage have over 20 different logins. Dashlane with I use at work has a setting on the specific password to use exact match of subdomain. Would it be possible to make that idea available as an exact match for url (path) on a per item basis?

  • ag_ana
    ag_ana
    1Password Alumni

    Thank you for your feedback as well @simbookee! And welcome to the forum :)

  • ag_ana
    ag_ana
    1Password Alumni

    Sorry to hear this, but we appreciate the feedback!

  • jiri
    jiri
    Community Member

    +1 - there's no option to set behaviour of URL matching. I start use 1Password instead of Bitwarden and this thing disappointed me. I think that more logins for same site where URL differes only on subdomains names or URL query is common and important for power users (IT admins, users on support, etc.). Setting behaviour of URL matching is important.

  • ag_ana
    ag_ana
    1Password Alumni

    Thank you for your thoughts on this @jiri! While I cannot make any promises about how we will handle it in the future, the team is definitely aware of this.

  • tdadvertising
    tdadvertising
    Community Member

    Chiming in with a +1.

    Having upgraded to 1Password 7 this summer, I'm very disappointed in this behavior. 1Password is not just a security app for our team, it's a productivity app. Now I'm back to hunting and searching through a list - feels like I'm back to keeping logins in a spreadsheet.

    It seems sorting for best match would be a no-brainer option - especially for simple subdomains such as project.domain.com.

    If there's a solution I'm missing to sort logins by best match in the browser extension, please let me know. Having read the many threads on this issue, it doesn't seem it's going to be solved soon and it looks like I may be on the hunt for a new password manager.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @tdadvertising: As with previous versions of 1Password, by default it shows matching Logins in the following order:

    1. Logins matching the current subdomain.domain.tld which are marked as Favorites
    2. Logins matching the current domain.tld which are Favorites
    3. Logins matching the current subdomain.domain.tld which are not Favorites
    4. Logins matching the current domain.tld which are not Favorites

    While it's hard to tell based on your comments, it sounds like you may be simply viewing "All Items" instead of "Suggestions". The latter is the default, but you may have changed it in Preferences > Mini. But you can also change it back at any time if you prefer. Cheers! :)

This discussion has been closed.