"Use Suggested Password" when username and password already exists
I recently switched from 1Password for Windows to a 1password.com subscription and 1Password X. There are a lot of nice things about 1Password X, but there are also a lot of things that feel like a step backward to me (why oh why does "Never display in browser" not work anymore, it's so frustrating — can we at least change it to "Never suggest on form field"?).
But the thing that has been the most frustrating is that 1Password X does not correctly suggest my existing account password in the password field anytime the username field is pre-filled. If a site form pre-populates the username field and starts with the password field focused, 1Password X pops up with a single option: "Use suggested password random new string of characters". I have accidentally clicked the new password and gotten a login failure countless times because of this. There seems to be no way to access my existing account password on the page without going up to the extension icon, copying the password there, and pasting it into the password field. I understand that 1Password X is probably guessing that I'm trying to change my password or something and helpfully offering a new random password, but why can't it detect that I already have an account for the site and show my existing password too?
Here's a perfect example on mint.com, where I have an account. Mint.com pre-fills the username, and instead of suggesting my Mint password, 1Password X suggests a new random password. This is just one example, I see this behavior on literally dozens of sites that I visit on a weekly basis:
1Password Version: 7.3.712
Extension Version: 1.17.0
OS Version: Windows 10 Enterprise Version 1803
Sync Type: 1Password
Comments
-
Hey @theremin! Thanks for sharing your thoughts.
1Password X is different from the desktop-dependent 1Password extension in more ways than one. I'd be happy to chat about some of the differences you've brought up.
why does "Never display in browser" not work anymore, it's so frustrating — can we at least change it to "Never suggest on form field"?
The reason 1Password X doesn't respect the "Never display in browser" option in the 1Password desktop app is because, if that were the case, you wouldn't be able to find your item at all since 1Password X operates solely inside the browser. I do want to share the workflow I've adopted in these situations. I created a separate vault for items I don't want displayed – whether that be old items that are no longer relevant or spare credit cards that I never really use. Then, I excluded the aforementioned vault from All Vaults. That way, it's not suggested in the inline menu or in the 1Password X pop-up unless I specifically search for the item and click the
Search Everywhere
button. To edit the vaults that are currently displayed in All Vaults, right click on the 1Password icon in your browser and click Settings. On the bottom of that page, you'll see buttons next to each of your vaults that you can enable/disable. I hope that helps!If a site form pre-populates the username field and starts with the password field focused, 1Password X pops up with a single option: "Use suggested password random new string of characters".
I'm curious what websites this is happening on. There's a good chance we've resolved it in a beta version, which'll be making its way to the stable version soon, but I'd love to double check. Could you give me any website URLs where you've noticed suggested passwords appear in the password field of sign in forms? Just a heads up, in case you do run into this again, you can always click on
Suggestions
, then selectLogins
to view your current Logins instead of a suggested password. Of course, 1Password X should be recognizing the form for you automatically and suggesting the proper item, so please do still report these issues to us so we can work on getting the root cause resolved.You mentioned Mint, so I'll use that as an example. Here's a screen recording I created showing how to access your Logins even when 1Password X doesn't detect a form the way it should. In addition, I'll let our developers know that you ran into this issue on mint.com. Again, if you do have more website URLs, I'd be happy to take a look and make sure they're part of our existing report.
ref: dev/core/core#358
0