One Time Password Not Copying
Hi guys,
I don't know if this is a feature request or bug - but I'm using the beta of 1Password on Mac, and also the beta of 1Password X and my one-time passwords are not copying after autofill.
It did this before I migrated to 1Password X (i.e. using the old browser extension), and I am using the beta to avail of the TouchID integration with the desktop client.
I saw it mentioned in another thread (https://discussions.agilebits.com/discussion/103373/1password-x-not-copying-one-time-password-keys) that it should autofill the one time password (which I think I've seen it do on other sites) but the site flow in this example is that after the username/password is filled in, I'm re-directed to another site to enter the one time code. I wouldn't expect it to know to autofill it, hence the copy to clipboard so I can simply paste it was handy.
Is it supposed to be copying to clipboard and it's a bug, or am I asking for a feature that isn't implemented?
Thanks,
Richard
1Password Version: 7.3.2-BETA0
Extension Version: 1PasswordX 1.16.5
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Hi @rcampbell22 – welcome to the forum! We're happy to have you here. :)
The "copy one-time password to clipboard" feature is indeed part of the desktop-dependent 1Password extension. 1Password X, on the other hand, should fill your OTP automatically. It sounds like you're redirected to a completely different page, though. I'm not sure how I'd expect 1Password X to behave in that situation, but I'm curious about it. Do you happen to have the website URL where you noticed this? It'd be great if I was able to set up a test account and determine what we can do better.
0 -
Hi @kaitlyn,
Yes, it's redirecting to another site (which is the right behaviour in this instance) and hence I wouldn't have expected it to autofill.
The site is using Microsoft Azure AD to authenticate, and the confusion with the flow is that it's integrated to an on-premise AD for authentication, but then using Azure AD for MFA. So the rough flow is:
- Access the website which requires Azure AD
- User is redirected to on-premise URL for authentication (which is where the autofill takes place)
- User is then redirected to Microsoft hosted MFA page to enter one time passcode
- User is then redirected back to the original website as an authenticated user
I was happy enough with it populating the clipboard previously (as all I had to do was then paste the code) but I appreciate this may not be technically possible with 1Password X.
Hope that helps. Given it's an on-premise application you'll appreciate I can't give you a more specific example, but the Azure AD MFA workflow should be fairly well documented online by Microsoft if you need to check it out.
Thanks,
Richard0 -
@rcampbell22 – That's definitely an interesting one! I'm curious what happens if you add the website URL from step 3 to your Login item in 1Password. You can have multiple website URLs stored, so you'll want to add it in addition to the one that's already stored. If 1Password recognizes the field as an OTP field, then it should fill for you when you select your Login item in the inline menu. It may be a long shot depending on how the website is coded, but I think it's worth a try.
It's not looking like this is something I'd be able to test myself, so if you wouldn't mind testing it out for me then that would be great. Let me know how it goes!
0 -
@kaitlyn - I've tried it this morning and it doesn't fill it automatically with the extra URL added, but it does now bring it up in the list of suggestions (which makes it easier to find to copy and paste)...so we're making progress! :)
To give you a bit more info:
1. The first URL is https://login.microsoftonline.com/common/oauth2/authorize?... (I added https://login.microsoftonline.com as the 2nd URL as it's also start of the MFA one) and here I enter my email address. 1Password X now fills this in after adding it to the entry.
2. I then click 'Next' and am redirected to the on-premise URL where the email is pre-filled (not due to 1Password) and I'm prompted to enter the password. 1Password X brings up the suggested list and I click the entry I'm using with the one time passcode. The password is auto-filled and then I press 'Sign In'.
3. I'm then redirected back to https://login.microsoftonline.com/common/DeviceAuthTls/reprocess and prompted to enter the one time passcode. If it helps, the HTML for this is:1Password X doesn't try to auto fill, nor does it popup the suggestion box. If I open the extension from the menu and select 'Autofill' on the entry, it does correctly put the code into the box though. It's like the re-direct is breaking the flow so it doesn't decide to fill it automatically, but I've now made the process a bit easier for myself so at least that's something!
Thanks,
Richard0 -
@rcampbell22 – This is good news! I wouldn't have expected 1Password to automatically fill in the OTP after being redirected, but it would have been nice if the inline menu appeared in the field so you didn't have to resort to opening the popup. Do you see the 1Password icon inside the OTP field at all?
Either way, it does seem like 1Password is recognizing the field as an OTP field, so that's why the code is being filled in upon clicking Autofill. I'd say that's definitely progress from before. Reducing the number of clicks it takes to get this working is a success in my book. :wink:
Again, thanks so much for testing this out with me! It's really nice to learn about the different sites people use because there's no way our team could possibly test them all. Out of curiosity, I did attempt to reproduce the issue by signing into my https://login.microsoftonline.com account, but I don't get the same redirect that you do. The OTP automatically filled correctly in my case, but it's good to know about one-off situations where it doesn't work as we would have hoped.
0 -
@kaitlyn - I didn't see the icon when it first loaded. When I right-clicked and selected 'Open 1Password', then the icon appeared but it didn't show a dropdown or anything. The only way to get it to fill was to use the toolbar icon to find the entry and press 'Autofill' - but I agree, the less clicks the better! :)
We actually use quite a few Microsoft services/accounts, and most of them work perfectly with the OTP - but this scenario is the only one we have which uses an on-premise authentication re-direct due to how the Active Directory has been configured. It wouldn't be the most common scenario however.
I presume there is no way to have 1Password X auto-copy the OTP to clipboard any time the login is filled? That would be the handiest solution if it was possible (like the desktop client does)?
0 -
@rcampbell22 – I think you've brought up a really good point. I'm not too sure what the limitations are when it comes to copying the OTP to the clipboard in 1Password X, but I'm going to bring it up to our developers because I feel it deserves a discussion. I don't think we'd want to copy the OTP in every scenario since that would clutter your clipboard. Perhaps it's possible to check if 1Password filled the OTP, and if it didn't, we could resort to copying. Thank you for bringing this to our attention!
ref: x/b5x#1347
0