Wildcard Sites?

I'm trying to use a wildcard for an entry to pop up on any site, tried just an asterisk and *.com but I'm wondering if there is even a way to do this? Basially I'm creating a login entry for multiple values that will apply across a wide range of sites, kind of like a go-to. How best to set up?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

«1

Comments

  • Hi @linkthepirate

    We do not support wildcards in URLs in 1Password. It is possible to list multiple website fields on an item if appropriate, though I'd urge caution in using that to work around 1Password's phishing protection or for the purpose of reusing the same credentials across multiple sites/services. Would you mind elaborating a bit about what you're trying to accomplish here? We may be able to help point you in a better direction.

    Please let me know.

    Ben

  • nickcmaynard
    nickcmaynard
    Community Member

    For work, I have a number of sites where I have URL patterns of the (approximate) form:

    • login.siteA.thing.com
    • login.siteB.thing.com

    I don't want to list thing.com in the "website" field, as this actually has a separate login.

  • ag_yaron
    ag_yaron
    1Password Alumni
    edited November 2020

    Hey @nickcmaynard ,

    If multiple websites require the same credentials, then add all of the URLs to the same login item.
    In case one of them has the same base domain but requires different credentials, create a separate login item for it.

    When you try to autofill, 1Password will show all relevant options based on the following ordering:

    • Favorites with the same base domain will show up first in the list.
    • Exact matches of the URL will show up 2nd.
    • Similar matches that have the same base domain but different subdomains will show up 3rd.

    If you have a specific login that you're using a lot more often than others for a specific domain, mark it as a favorite and it will make autofilling easier, as it will show up first when you try to autofill.

  • nickcmaynard
    nickcmaynard
    Community Member
    edited November 2020

    Sadly the multiple website thing doesn't help - these site URLs are autogenerated, dynamic, and there are potentially thousands of them.

    I'd ideally have two 1password logins:

    • A, for login.*.thing.com
    • B, for thing.com

    I'd happily take a separate websiteRegex or websiteWildcard option - this sort of thing is pretty unusual, and I imagine those who run into it would be happy to dig into some technical documentation if needed.

  • ag_yaron
    ag_yaron
    1Password Alumni

    Thanks for the additional details @nickcmaynard ,
    I can definitely see how you can utilize such a feature in your specific (edge) case, but we don't have such a feature at the moment.

    My best suggestion would be to create 2 separate logins, both with thing.com in the website field, but with different credentials.
    Name them properly so you'll know to differentiate between them quickly and easily, and mark one of them as a favorite so they'll always show up in the same order, making it a lot easier for you to autofill.

    We'll forward your feedback here, perhaps we'll see this feature in a future version at some point. :+1:

  • myleshyson
    myleshyson
    Community Member

    This would be really great for enterprise organizations. I work at a university hospital system and we manage 700+ websites, along with countless other services, all with the *.univ.edu domain. I really don't think this is edge case at all for people that use 1password for work.

  • ag_ana
    ag_ana
    1Password Alumni

    Thank you for the feedback @myleshyson! I have passed it to the developers for consideration :+1:

    ref: dev/projects/customer-feature-requests#31

  • bradryan7
    bradryan7
    Community Member
    edited June 2021

    +1 for this feature. In my company we deploy preview versions of our sites which vary for each new feature we are releasing. The url's only vary by one specific number (the pull request number) and it would be great to support wildcards in this scenario.

    In our case it looks something like: https://deploy-preview-*--my-custom-domain.netlify.app

  • ag_ana
    ag_ana
    1Password Alumni

    Thank you for the feedback as well @bradryan7, and for the specific example!

  • jamesaw22
    jamesaw22
    Community Member
    edited July 2021

    I'm not sure if this is the desired process for this, but I'd also like to +1 this! Also a developer, also looking to use dev creds across multiple environments.

  • ag_yaron
    ag_yaron
    1Password Alumni

    Thanks for chiming in @jamesaw22 !

  • eberkund
    eberkund
    Community Member

    I would also love this feature, in enterprise environments it is really common to have dozens or websites under different subdomains which share a common login. I can understand the security concern with not allowing TLD wildcards but *.company.com would be very helpful.

  • Thanks @eberkund - we'll be happy to add your insight to this request as well! :)

  • matea
    matea
    Community Member

    I have the same issue, we also use Netlify to deploy previews of our latest developments and URL is always different/dynamic as it depends on the PR number so it looks like: https://deploy-preview-*--my-custom-domain.netlify.app

    I see that you have concerns about this feature, but looking from user perspective this only makes me want to use weaker passwords which I can remember, than using stronger/autogenerated ones. The reason behind this is that I have few different users with which I need to test PR as they have different data and if I use 1Password then I need to open it, login to 1Password, search for that user, copy and paste password.
    It might seem silly but I think it is a bad user experience and might lead to using weaker passwords in these cases.

    This is all for web desktop, I am using Chrome extension on the Macbook Pro.

    On iOS and Android though, I have 1Password installed as well and when I go to the URL:
    https://deploy-preview-1900--my-app-89fgh.netlify.app/account/signin

    it gives me an option to choose credentials of 5 users I have, even though website field in 1Password for these 5 users is saved as:
    https://deploy-preview-1880--my-app-89fgh.netlify.app/account/signin

    Notice that only difference is in "1900" and "1880" in the URL, not sure why Android and iOS app work different than Chrome extension?

  • ag_yaron
    ag_yaron
    1Password Alumni

    Hey @matea ,

    We utilize the Public Suffix List to prevent 1Password from suggesting the same login item across special domains in which every sub-domain might actually be a completely different website. For example, if a domain named "blog.com" would show up in that list, and you have two different logins for that domain - one is "matea.blog.com" and the other is "john.blog.com", 1Password will know not to suggest and autofill both login items in each website, but keep every login separated to its unique subdomain.

    netlify.app is indeed on that list and therefor every login item you have for it should be separated to its unique sub-domain.
    In your particular case, you want to use the exact same credentials for changing/dynamic subdomains, but in other users cases they really do want/need to separate each sub-domain to its own login item and not be suggested all of the "netlify.com" login items they have (some users have hundreds of different login items for different customers, we can't show all of them whenever they need to autofill!).

    Not sure what exactly is happening on your iOS/Android devices though. Are you looking at the exact same login item(s) in both your mobile devices and the computer? If you edit and change one of these login items, does the change sync back to the computer and vice versa for that same login item?

  • username8987
    username8987
    Community Member

    Came here to see if anything has changed since 2018. Will this feature ever be considered?

    In our company we also deploy preview versions of our app that only contain dummy content. URL's are dynamically created and mostly we only have to log in to the app once or twice, so no one is going to save the credentials for a one time visit.

    I understand that this feature is shunned because you make it very easy for users to have duplicate passwords for several logins, but maybe there's a way to have this under advanced settings or something? It would be nice to have some regex/wildcard format like https://*.domain.com for development purposes.

  • ag_yaron
    ag_yaron
    1Password Alumni

    Thanks for the additional feedback and suggestion @username8987 !

    This feature is definitely on our TO DO list but I don't quite know when that'll happen. There's a lot going on behind the scenes as we're working on 1Password 8 and some other cool stuff.

    Thanks again for chiming in and sharing your thoughts and experience, I will add it to the feature's log.

  • labithiotis
    labithiotis
    Community Member

    This feature would be very desired, but currently even doing just top-level for netlify isn't working for preview builds.

    I.e. setting the website field to "https://netlify.app" doesn't work when you visit https://deploy-preview-271--builder-dev.netlify.app

    The same password also has a website configured to https://builder-dev.netlify.app which works fine.

    I assume it's a bug due to -- in URL or something.

  • ag_yaron
    ag_yaron
    1Password Alumni

    Hey @labithiotis ,

    Netlify.app is registered in the Public Suffix List, which we utilize to determine which URLs should be separated from their subdomains and handled as individual websites even if the base domain is identical.

    So in Netlify's case, you can't use a top level domain login item that will work on all subdomains as a wildcard.

  • labithiotis
    labithiotis
    Community Member

    @ag_yaron thanks for the quick response :)
    It's a shame there's no way to target these preview builds currently.

  • ag_yaron
    ag_yaron
    1Password Alumni

    Agreed. I hope we'll be able to enhance this in the future :)

  • JtMotoX
    JtMotoX
    Community Member

    Hello. I am also looking for this functionality. Our company uses SSO and most of our 'company.com' sites (thousands) use our 'ssoid' and some (hundreds) require 'ssoid@company.com'. I would like to create a wildcard for those sites which require the 'ssoid@company.com'.

    For example:

    ssoid@company.com
    - *.rancher.company.com
    - *.splunk.company.com

    ssoid
    - company.com

  • ag_ana
    ag_ana
    1Password Alumni

    Thank you for sharing this feedback with us @JtMotoX, I will pass it to the developers as well :+1:

  • amv1
    amv1
    Community Member

    +1 re: wildcard feature

  • ag_ana
    ag_ana
    1Password Alumni

    Noted @amv1, thank you :+1:

  • jbburf
    jbburf
    Community Member

    I have the same problem and would really like wildcards for URLs as I have hosts that are dynamically created. Would be nice if I could use 1Password to save the admin credentials for any new hosts without adding URLs constantly...

  • Hello @jbburf,

    Thank you for another vote. I already added you to the request users list, and it will add more weight to it. Please be patient and stay up to date with the latest version of 1Password. That is the best way to get all the fixes and features.

  • dig
    dig
    Community Member

    Just adding my +1 to this. I am a developer and being able to set a password for all 192.168.1.* so I don't have to keep adding individual addresses to the same entry would be very helpful.

  • ag_tommy
    edited March 2022

    Thanks dig. I've mentioned it to the team.

    ref: IDEA-I-57

  • eman
    eman
    Community Member

    Really cool to see the engagement here! I thought i'd +1 as well, with my own use case:

    Have a bunch of locally accessible (non internet) servers that have unique hostnames but end with some common text with a special domain. These all share a common login for web-based hardware management, and it would be great to have the popup suggestion / autofill instead of going up to the app and copy-pasting every time.

    imagine:

    server-01-idrac.lan
    server-02-idrac.lan
    .......
    server-99-idrac.lan