how do i get 1password x sub-domain matching to select the right login?
I have a number of sub-domains on a server, and whenever i visit them 1 password x has a list of all the matching domain logins, but suggests ones that don't match the sub-domain, some of the time.
some of the sub-domains do get suggested correctly and some don't. are there any tricks to getting the suggestion to match for each sub-domain?
the main urls i use are the first website url in each login
1Password Version: Not Provided
Extension Version: 1.23.1
OS Version: windows 10 20H2
Sync Type: Not Provided
Referrer: forum-search:1password x url matching
Comments
-
Hi @matty666!
1Password will suggest all Logins that match the domain, regardless of the subdomain, so this behavior is by design. However, it should show the ones that match the subdomain as well at the top of the list.
the main urls i use are the first website url in each login
Can you please elaborate? Do these logins have multiple websites fields?
0 -
Yes, so each sub domain on the server is accessible via the sub domain, and via the same ipaddress and a different port... and also there are others servers that have different up addresses and subdomains that also don’t suggest the right login
I will make an example later to explain
0 -
Lets say i have this set up:
login 1 http://sub1.domain.local http://192.168.0.1:6666 favourite login 2 http://sub2.domain.local http://192.168.0.1:7777 login 3 http://sub3.domain.local http://192.168.0.2:5555 favourite login 4 http://sub4.domain.local http://192.168.0.3:5555
If i go to http://sub1.domain.local 1password is suggesting login1, however when i go to http://sub2.domain.local, it suggests login 3, as does going to http://sub3.domain.local and also http://sub4.domain.local
could it be due to the favourites? actually it does seem to be that, i added login2 to favourites and now when I visit http://sub2.domain.local it suggests login2 as the first login
1 -
I just added all my logins for the sub-domains to favourites and now it's suggesting the right one for each... seems like favourites take precedence over sub-domain exact match
0 -
Hi,
Sorry for replying to this old thread. But I'd like to add something regarding this issue.
I'd really love it if you can implement this feature to match the full FQDN, not just the domain name. Sometimes we've got many different apps with different login credentials on the same domain. It is very frustrating just to find the correct credentials. Personally, I've got more than 20 logins on the same domain (with different subdomains on each credential).
I understand it might be easier for some users if 1Password matches at the domain level. So, I think it'd be really helpful if you can implement this as a toggle.
I don't know if this is the same feature, but is this removed or something?
https://1password.community/discussion/comment/299563Edit: Just came upon this thread and it looks like you guys are not going to implement this?
https://1password.community/discussion/87028/stricting-url-matching-for-subdomainsThanks for your help!
0 -
Hey @ReynHartono 👋
No worries on bringing up an old thread! That's why they're here. I appreciate you doing some research ahead of time. :)
I'd really love it if you can implement this feature to match the full FQDN, not just the domain name. Sometimes we've got many different apps with different login credentials on the same domain. It is very frustrating just to find the correct credentials. Personally, I've got more than 20 logins on the same domain (with different subdomains on each credential).
1Password should be matching the FQDN as the very first match unless Favorites come into play. The exact match (FQDN) will appear first, then domain name matches will appear below. I used the releases.1password.com page as an example. Items with a domain containing 1password.com do appear as matches, but my releases.1password.com appears first.
Is that the same experience you're having? Are you simply not wanting to see domain matches as well, or is it hindering you from filling the way you'd expect?
Let me know, I'm here to help!
0 -
I can comment on this and why the feature is extremely important for some corporate use cases.
I work for a SaaS cybersecurity software company where we have multiple customers that we support. Each customer has a domain with their name in it so it is easy to remember (e.g. https://customer1.domain.com). Now if I want to store support account logins or other logins for those domains, I cannot reliably do that without exposing Customer1 to Customer2.
When doing a demo or troubleshooting I get a dropdown of every login I have saved for that domain, instead of the sub-domain, with the customer name in the login title ("Domain - Customer1 Support Account") that I have saved.
So right now, for me and most likely quite a few others, 1Password is a hard sell for the corporate use case where customer privacy is paramount and we need to login to systems while the customer is on a screen share. For personal use, it is fantastic and the family loves it.
2 -
This content has been removed.
-
+1 here for corporate use case. Same here, I work in an agency supporting mutlitple customers. And most of our systems are running on the same domain, but there is a customer specific sub-domain like it was mentioned above
https://customer1.domain.com
https://customer2.domain.com
...we also have cases like
https://domain.com/customer1/
https://domain.com/customer2/
...it would be cool to have additional field on the 1password entry which would work as regex match for FQDN or better the full URL if provided.
This way family users won't be affected - they can ignore the new field and corporate users will be able to better match the accounts.0 -
Thank you for the feedback @y1_anton_boritskiy, I've added your voice to the issue as well. :+1:
0 -
+1, same use case. Many subdomains, each have different credentials and shouldn't mix. I see the closed thread on this basically saying there's no way to accomplish this without impacting the experience. This is very close minded and as someone trialing 1password as a potential Lastpass replacement (that has this feature), this is not a good first impression.
This is a very simple request that can be accomplished without any impact to "non-power users". Just add an option in the "suggest in browser" dropdown to "only suggest on exact subdomain match".
0 -
Hey @bs87racer ,
Thanks for chiming in here.You might find the suggestions I wrote in this post helpful: https://1password.community/discussion/comment/619241/#Comment_619241
0 -
I agree with the comments in this thread. Most developers who uses Docker with containers that use bridge networking will have many URLs, all with the same IP address but different port numbers. You’re forced to do one of three things.
- Maintain the same userid and password on every service to have a single entry in 1password . Insecure and not possible.
- Navigate a potentially lengthy list of passwords and manually choose the correct one.
- Change your entire docker environment to use MacVlan instead of bridge to assign every container a unique IP address. This isn’t possible on Mac and Windows since only linux docker supports macvlan.
0 -
+1 on that. That is a must-to-have feature!
0 -
Definite +1 for this - very very important for website developers and many others that have subdomains. It's really annoying to have a huge list popup, and there should be a simple checkbox in the 1password dashboard that says "Match passwords based on Subdomain only". It's not too complicated to add this feature from a development standpoint.
0 -
Add me to the list. Support for subdomains would be a great feature.
0 -
Both noted, thank you!
0 -
The subdomain handling of 1Password is really not optimal. I have a similar issue with local domains, for which I have to handle up to 20 logins under different subdomains. Please add a proper matching
0 -
Also voting for this as a great feature for IT, and anyone hosting multiple services on a single (local) domain.
0 -
0
-
This behavior is not suboptimal it is highly dangerous. If you buy products on shop.wordpress.com and you save your credentials in 1P and next time you are mistyping the url and you are on shot.wordpress.com ( might be a fishing site) 1P will just fill in your data. This is not only a feature we would like to have - this makes 1P just a dangerous tool with a real design flaw. And you know it since years and did not fix it.
0 -
Hi @kobs:
Thanks for your feedback here on this. We do use the Public Suffix List to determine when credentials should be shared across sites. In the case of the example you provided, I'm not sure if you were using wordpress.com as an example, or a specific set of sites where you've run into this concern. I've brought up the issue of wordpress.com not behaving as expected, as I was able to replicate this behavior. Additionally, I've added your feedback on improved domain matching as a whole to the issue I've referenced above. Thanks again!
Jack
ref: dev/core/core#12421
0 -
Hi, I would like to add the perspective that the fact that favorites are listed at the top, ignoring subdomains, is a bug.
1. If there is a password that matches the exact FQDN, it should be shown ahead of any favorites that match fewer parts of the FQDN.
2. If there are two favorites that match the registered domain and one of them matches the FQDN, then the latter should be listed at the top
3. If I always pick the same out of two entries that differ in user name, I would expect 1password to learn which entry that is (in this case, simi@FQDN) and list it ahead of others, e.g. admin@FQDN (based on frequency and recency, a.k.a. frecency) – but I admit that this one might appear like rocket science compared to the first two0 -
@simihomer Thanks for your input on this! It definitely makes sense to sort Favorites by subdomains. I have shared your feedback with our developers. Hopefully they will be able to improve on this in the future.
Please let us know if you have any additional feedback or questions!
0
