Bug Report: Update Login within browser leads to incorrect auto-fill

Options
Alexei
Alexei
Community Member

Whenever I agree to an update of an existing login (automatically detected by my browser extension), strange things happen: If I reveal the password now, it's been indeed updated. I can also copy and paste it and log in successfully. But when going for the auto-fill it seems to still fill in the old password. The only way to cleanly update the password for me is to delete the existing login and add it again. Not even deleting the password, save and enter the new one again was working - I had to delete it every time, although the visible data was not wrong but correct.

Comments

  • littlebobbytables
    littlebobbytables
    1Password Alumni
    Options

    Hi @Alexei‌

    Your Login item actually record your username and password twice. There is the first instance in the visible fields that you can see any time you look at a Login item. Then there are the web form details. There's a button so you can view them but normally they remain hidden.

    Now every site is different but normally 1Password is pretty good about not just recording your username and password but which field in a page is your username and which is your password. Sometimes though it can get confused. Now the web form details section, that's simply a map between field IDs or names (I forget which is which with HTML) and the field value. If 1Password can determine which is your username and which is your password it flags those fields so that if the top part of the page changes these get updated. If it guesses incorrectly though you can end up in a state where the password field at the top doesn't match the web form field.

    Here's an example from my messed up test vault

    As you can see this particular test Login has been under some abuse as I've managed to pick up two password entries (labelled 2 & 3) in the web form details section. That top entry (2) was the old password (no idea how it got there) and the one with the key symbol opposite it (3) is the line that is connected to the password field at the top (1). So any time I change the normal field (1), (3) will update automatically. If for some reason 1Password guessed incorrectly and (3) didn't have the key symbol then updating (1) wouldn't change (3).

    The result of which would lead to what you've observed. Where you change the password, it seems changed but 1Password is actually filling in the old one. So if you find a particular Login does this, checking the web form details would probably give you a lot of clues as to why. Now one easy way round this is to simply create a new Login item and bypass the old one but you should find that most sites do actually work rather than not working being the norm.

    Let us know if that relates at all to what you're seeing and if you have any questions do please ask.

This discussion has been closed.