Secret Q&As
I'll post my question here as I use the 1PX beta, though it may be more general in nature. I'm new to secret Q&As and did only a bit of research on the forum. When I go to a website, 1PX nicely enters my creds. The next screen brings up one of three randomly selected secret Q&As (first screenshot). The other two ask for my favorite pet or restaurant. I also attached my 1PX form editor window, in which I had simply entered the Q&As in the Notes section just for the sake of storing them. I created a new form section named "in what city does your nearest sibling live?" I then entered the answer in the new field box. When I tried it out, 1PX entered my pet's name instead of the city. It seemed that 1PX grabbed the pet's name from the Notes section that appears in my screenshot. (I won't need this info in the Notes section if I get this feature to work.) I'm doing something wrong.
1PX Form editor:
1Password Version: Not Provided
Extension Version: Beta, Chrome
OS Version: Win 10
Sync Type: Not Provided
Comments
-
Hi @jimmyweg! This is a really good question, and I'm glad you brought it up. As far as I know, 1Password will never even try to fill anything from the Notes section. However, other sections can be filled (typically if the label matches the HTMLid/name of the field).
I want you to check something for me. Could you take a look at the same item (not in edit mode) on the 1Password web app and let me know if you see a button that says "Show Web Form Details." If you do, click on that and let me know if your pet's name is saved as any of the values.
Personally, I've always stored security questions as an additional section and put the question in the label part and the answer in the new field part. I haven't thought about filling them specifically into the page, though. The reason for that is because the field likely doesn't have any indication of what field it is if you only look at the code. For example, I wouldn't think the HTMLid/name of the field would be something like "nearest-sibling-security-answer." It's probably something like "security-answer-2" if it's even that descriptive. Either way, that doesn't tell 1Password which value it should fill of the three security questions. I generally open the 1Password X pop-up and copy the correct security questions and paste it in the proper field. That said, I haven't had a site that asked for my security questions each time I signed on.
Let me know what you find!
0 -
Thanks, Kaitlyn. I attached a redacted screenshot of the site from the web app. There is no button. When I experimented earlier, I copied each of the three secret questions verbatim from the security question, as in the screenshot in my initial post, and entered each question as a label, followed by the answer in the new field box. I also tried doing something similar by entering the question in the section box. However, I see your point about the code differing from the text. Now, I do something similar to what you described; I copy the answers from the 1PX Notes section on the 1PX dropdown and paste them accordingly. I probably was under the wrong impression about 1PX entering the answers as nicely as it does the login creds.
0 -
@jmjm – I was just referring back to the screenshot you posted:
The label section is where I'd put the question, and the new field section is where I'd put the answer. Here's an example of what my security questions look like in an item in 1Password X:
I personally open the 1Password X pop-up by clicking the 1Password icon in my browser toolbar and copy the security question a site asks me for to make sure the right one is being filled. Since you're already on the website, though, clicking the 1Password icon in your browser toolbar will result in the proper item already being suggested, so it's a two-click process.
0 -
Thanks, Kaitlyn. After I land on the question page on the site, I clicked the 1PX toolbar icon and scrolled down to the Q&As section in the screenshot. Then I mouse-overed the appropriate q&a, clicked copy, right-clicked in the answer box, and clicked paste. It works fine, but am I adding an unnecessary, albeit trivial, click! ;)
0 -
@jimmyweg – I definitely see where you're coming from! We'd love to have security questions accurately fill, and I know it's something our developers have thought about and continue to think about often. From a code perspective, I think we'd be relying on the label of the field too heavily, which isn't always as accurate as you'd think. The reason we can tell a password field is a password field, for example, is because password fields tend to have similar attributes. Three different security question fields could have extremely similar attributes, like
securityquestion1
,securityquestion2
, andsecurityquestion3
. While we may be able to tell that's a security question field, the difficulty would be determining which answer to fill into which question. There isn't necessarily anything in the code that would tell 1Password X that the field is a pet's name. I hope that helps explains things a bit, but just know that this is being thought about by us here at 1Password too.0 -
Thanks, Kaitlyn, I do see your point and the difficulties this issue presents. While it may not be worth the effort, I suppose that 1P could "learn" the code on a particular site with a little coaching from the user, similar to the scenario in which 1P saves a password entered by the user. Forgive me if I'm over-simplifying.
0 -
@jimmyweg – For sure! I know you're not the only one who would love to have the ability to fill security question answers. A lot of us here at 1Password would as well. I can't share any of our future plans, but we'll definitely keep the request in mind. :)
Thanks so much for sharing your thoughts with me. I hope you have a fantastic rest of the week!
0