Trouble with Westpac Bank Login (online.westpac.com.au)
I looked back and found two threads but would like to follow up if anything can be done to log into this bank. The logon link is https://online.westpac.com.au/esis/Login/SrvPage and even though 1password opens and populates the data it would appear to enter
a completely wrong password. Hope you can help. The bank has had the same log in page for several years so I don't think it will
change very soon.
Thanks
Craig
Comments
-
Unfortunately, they are doing a number of things to intentionally thwart automatic form filling which makes 1Password's job much more difficult. (It's almost like they want people to use weak passwords that they can easily remember and can type quickly on that frustrating onscreen keyboard.)
I don't have an account there, so my testing will necessarily be limited. However, one thing you might try is simply manually creating a Login in the main 1Password app. We don't normally recommend this since it is almost always better to let 1Password "learn" the form fields on the page by saving a Login via the browser extension, but it appears Westpac is doing some obfuscation of the password entered and it may help in this specific case.
- Open the main 1Password application.
- Select File > New Item > New Login from the menu bar.
- Input the URL you provided above as well as your username and password.
- Save the item.
- Try using the new Login item in your browser.
It's possible their obfuscation is going to cause trouble if 1Password enters the real password (which it will using this this method), but please let me know how it goes.
0 -
Thanks for looking at this. Unfortunately it did not help but I appreciate your effort. Cheers
0 -
I've passed this along to the developers to see if there is anything else we can do for the Westpac login page, but it is definitely an uphill battle with all the steps they've taken to try to ensure that no automatic form filling can take place. :(
0 -
Unfortunately, it looks like the site is using a different substitution cypher each time you use the site, so the value that 1Password saves for the password won't be the same value that clicking the onscreen keyboard (which isn't even QWERTY?) keys will enter on subsequent access attempts. Well, it might be sometimes, but it won't be every time and that would make the experience more frustrating than enjoyable. Sadly, there's not a great way for us to handle this kind of login in a reliable way.
My honest hope is that this approach is a trend that we'll see fall by the wayside in the near future rather than attempt to solve something that is working so hard to not be solved. I'm sorry I don't have a better answer for you, but I would encourage you to write to the bank and explain to them that they are making it harder for users to behave securely and urge them to abandon this security theater approach to the login process.
0