Updating an existing password
Comments
-
Hi.
Regarding changing passwords using the extension, when I do this the new password is saved as a password entry rather than updating in the password field of a login entry. In other words, the old username and password remains and the new password is created in a separate entry (password entry).I am initially autofilling from the app (clicking next to the URL and clicking open and fill).
I then go to to the password change site on the website, copy/paste old password, generate new password and then save and fill, all in the extension.
Should I be initially autofilling using the extension/mini rather than through the app when initially logging on?I have the most recent version of 1 PW for Mac and the most recent version of Chrome.
_I noticed that the "Click Update Existing" doesn't occur. _
Thanks
0 -
Hi @1pwuser31547!
Should I be initially autofilling using the extension/mini rather than through the app when initially logging on?
This should not matter.
I have the most recent version of 1 PW for Mac and the most recent version of Chrome.
Can you please confirm the exact versions?
- 1Password for Mac version
- Chrome version
- 1Password Extension for Chrome version
Thank you!
0 -
Chrome
Version 80.0.3987.1221 pw extension Version 4.7.5.90
1 pw 7 Version 7.4.3
0 -
Thank you for the confirmation. I originally thought that this was happening on twitter.com for you, but then I noticed that you copied the screenshots from our support article instead. So can you confirm what website this is happening in for you?
0 -
Every website
0 -
I cannot reproduce the issue here on the websites I have tested. Please make sure that the website field in your 1Password login item matches the URL of the website you are on: if they differ, 1Password will consider that as a new website and will not show you the Update Existing button.
0 -
Every website
0 -
I’ll confirm.
However, won’t the website domain of the password change field will differ slightly from the website of the log in page?0 -
No, the domain will remain the same. The URL will be probably different, but the domain will remain the same during a password change.
0 -
Yes, sorry that’s what I meant.
“Please make sure that the website field in your 1Password login item matches the URL of the website you are on”
If I change the current log in URL entry to match the password change URL, will I be able to login using autofill since the URLs are different (domains same).
0 -
If I change the current log in URL entry to match the password change URL, will I be able to login using autofill since the URLs are different (domains same).
Yes. However, there is no need to change the entire URL inside your 1Password item. You just need to make sure that the domain part is the same inside your 1Password item and the website that you are visiting.
0 -
Still no luck,
URLs match exactly and still the new password is saved as a separate entry while the old credentials remain the same in the website field in my 1 PW log in item.
Please advise.0 -
Am I supposed to edit the password in the website field and then fill into the new password space?
Each time I click generate new password, the system generates a new password entry, separate from the original data.0 -
So one more thing- I noticed that the specific website favicon is not present in any of website login entries. So for example for Google, I don’t see the icon, rather a generic “gm” for gmail.
0 -
So one more thing- I noticed that the specific website favicon is not present in any of website login entries. So for example for Google, I don’t see the icon, rather a generic “gm” for gmail.
Can you post the exact value of the website field inside this Google login item?
0 -
So the problem seems to be that for some websites, the change password URL is different from the initial log in page.
When the change password URL begins with www. 1 PW is able to detect the changed password and does update the password in the 1 PW website field.
When the change password URL does not begin with www. , 1 PW detects the changed password as a separate password entry and does not update the original 1 PW website field.For example, with ADP, the log in page, _as well as _the change password page begin with my .adp.com
https://my.adp.com/static/redbox/login.htmlWith Bank of America, the initial log in page is https://www.bankofamerica.com
The update password page (only after login in) is:** https://secure.bankofamerica.com/login/edit/sm/redirectSecurityCenter.go?target=signin_settings**1 PW is unable to update website settings after a password change for these sites.
Note where the the change password URL also begins with www, 1 PW is able to automatically update the 1PW website field with the new password.
For example https://www.abebooks.com/servlet/SignOnPL for sign into Abebooks
and https://www.abebooks.com/servlet/ChangePassword for changing password.
Both have WWW. and 1 PW works here.Please advise
0 -
Hey @1pwuser31547 ,
Bank of America's website is a known problematic website, as well as many other banking websites that actively try to prevent autofilling software from working properly. We've seen all kinds of crazy stuff they're trying to pull off in order to prevent users from autofilling on their websites and even preventing apps like 1Password from even detecting fields on their websites. We've even wrote an open letter that our users can send their banks in hope that the banks will listen at some point (and some of them have!): https://blog.1password.com/an-open-letter-to-banks/
I'm having troubles finding a normal website that anyone can open an account in for free to test your theory about the "www" part, if you manage to come across such a website where we can open a free account and test it in, please do let us know!
Just for general knowledge, whenever you generate a new password and use it, 1Password saves it as a separate password item in the app just in case you didn't manage to save it in the login item or if the page did not allow it. It is a failsafe to prevent loss of generated passwords after using them.
0 -
I’ll let you know. I’m planning to change a bunch of passwords soon. Still it’s an interesting observation, albeit with small sample size.
Yes I know the password is saved as a separate entry these cases.
By the way, iCloud Keychain password manager is able to detect these cases and properly autofill.0 -
@1pwuser31547 Thanks for the update. Please do share your findings here if you are able to reproduce the issue on demand on a website we will also be able to reproduce it on. :+1:
0 -
Maybe someone on your end could look at the code to see if it’s something that can be updated.
I’ll let you know about my results.0 -
If we can confirm it is a bug, I will be able to file it as such for our developers to look at, so it is crucial we will be able to reproduce it first.
I keep a close eye on it on my daily use but so far did not come across a website with such a URL.0 -
Hi Yaron.
This issue occurs with gmail.
The URL for the password reset page does not have www. It starts with myaccount.google.com
The new password is saved as a separate entry as a password entry.Please advise
0 -
Hey @1pwuser31547 ,
I have tested this and saw that the "www" doesn't quite relate to the issue, it happens whether there is a www in the URL or not. 1Password simply does not pop up and ask if you'd like to update the existing login when changing a password in Google's account settings.Thanks for reporting it. If you have a 1Password.com membership account, I suggest you give 1Password X a try, as it handles such situations better for now.
0 -
Yes. It appears this occurs for sites where the URL's of the log in page and password change page don't exactly match.
Thanks for looking into it.0 -
:+1: :)
0
