2FA code incorrectly filled on Amazon gift card redeem page

alexiaa
alexiaa
Community Member
edited March 2019 in 1Password in the Browser

On Amazon's gift card redeem page (https://www.amazon.com/gc/redeem and other Amazon regions such as .co.uk and .de), 1Password incorrectly autofills my 2FA code in the "Enter claim code" field.

This is the input field:
<input type="text" required="" id="gc-redemption-input" name="claimCode" class="gc-redemption-input a-input-text a-span12 a-form-selected" autofocus="autofocus" value="" data-com.onepassword.iv="" data-op-id="0" data-com.agilebits.onepassword.user-edited="yes">


1Password Version: Not Provided
Extension Version: 1.14.2 (Chrome 73)
OS Version: Windows 10
Sync Type: my.1password.com

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited March 2019

    @nyuszika7h: Aha! You're totally right! I was confused by your comments at first, partly because I misunderstood, and partly because I was already signed into Amazon in Chrome. But if you go to https://www.amazon.com/gc/redeem and have to sign in, when the gift card page loads 1Password X misinterprets that "code" field as being for two-factor authentication, so it will fill the TOTP code if you have 1Password setup to generate one for your Amazon login. Thank you for bringing this to our attention! It might have taken us a while to happen upon this specific interaction on our own. :chuffed:

    ref: xplatform/filling-issues#465

  • jd_lewin
    jd_lewin
    1Password Alumni

    Aloha @nyuszika7h,

    I'm writing to let you know that our latest release of 1Password in your browser has addressed the filling issue you reported. You'll want to quit and re-open your browser to ensure you've got the latest version, but after that you should have the wind at your back.

    🤙🏻🌴🌺

This discussion has been closed.