Update Existing Login creates a new Password, instead of updating

inspectorG4dget · May 2015

Context:
I was changing some of my online passwords. The 1Password application was running alongside my browser

Action:
When I changed my password online, 1Password asked if I'd like it to update my existing login item. Since I would have otherwise updated it manually, I said yes.

Expectation:
Once I click on Update Existing Login, I expect the password in the appropriate login item to have been updated, and no new items to have been added to my vault

Observed Behavior:

A new Password item has been added for the website in which I was changing my password
The existing Login item has not been modified, and still contains my old password.

Vee_AG · May 2015

Hi @inspectorG4dget,

That is indeed odd. In order for us to look into this further, could you please let us know the following?

What version of 1Password you're running
What browser(s) this happens in
What website(s) this happens with

I'd also be curious to know whether or not the "Lenient URL matching" box is checked in 1Password > Preferences > Browser. Thanks in advance for the extra details!

inspectorG4dget · May 2015

Lenient URL matching is not checked in that dialog box. Should it be?

Megan · May 2015

Hi @inspectorG4dget ,

'Lenient URL Matching' is more of a user preference than a requirement, so it shouldn't make a difference in 1Password's behaviour with respect to this issue.

Once you answer Vee's other questions, we'd be happy to try and reproduce this behaviour.

inspectorG4dget · May 2015

Oops! I seem to have missed some other questions. Sorry!

What version of 1Password you're running

1Password
Version 5.3 (530029)
Mac App Store

What browser(s) this happens in

I use Google Chrome (Version 42.0.2311.135 (64-bit)) on a macbook (OSX 10.10.3). I don't know if this issue is observable on other browsers because I don't usually use other browsers.

What website(s) this happens with

Based on the items in my trash, I have had this problem with

facebook.com
westjet.com
lyx.org
researchgate.net

Drew_AG · May 2015

Hi @inspectorG4dget,

Thanks for the details! I was wondering about the items you said are in the Trash:

Based on the items in my trash, I have had this problem with

facebook.com

westjet.com

lyx.org

researchgate.net

You said you've had the problem with those sites based on seeing those in the Trash. Does that mean you don't remember having the same problem with those sites, but are assuming you did because those items are in the Trash? Do you remember deleting those items, or are they appearing there automatically? Also, when you look in the Trash, are those Login items or Password items? (Login items will have a rich icon for the site or a generic keyhole icon, while Password items will have an icon of a key.)

When you use the password generator in 1Password mini to fill a change password form on a website, it creates a new Password item (which contains just the password and the URL) as a sort of safety net. Once you submit the change password form, 1Password usually detects the change and prompts you to update the existing Login item. If you do, 1Password should update the Login item and delete the corresponding Password item. On the other hand, if 1Password isn't able to detect the change on that site, it keeps the Password item with the new generated password so you can use it to update your Login item for that site.

From your original description, it sounds like you choose to update the existing Login item, but the Login item isn't updated. When that happens, are you finding the corresponding Password item (with the new generated password) in the Passwords category in the left sidebar of 1Password, or in the Trash? Also, when the Login item fails to update with the new password, do you copy/paste the new password from the Password item to the Login item? Or do you click the Convert to Login button?

Sorry for all the questions! It's a bit of an unusual problem and can get confusing to figure out exactly what's happening, so getting the exact details should be helpful for us. We appreciate it! :)

inspectorG4dget · May 2015

based on seeing those in the Trash. Does that mean

I looked through the items in my trash and mentioned the websites with which I had this sort of trouble. I also remember manually deleting these items, after having identified them as having this problem. They did not appear automatically

as a sort of safety net.

Yes it does. Thank you so much for doing this. It is what has saved me all these times

1Password usually detects the change and prompts you to update the existing Login item

Yes it does. This is the option I choose

1Password should update the Login item and delete the corresponding Password item.

This is what it does not do

are you finding the corresponding Password item (with the new generated password) in the Passwords category in the left sidebar of 1Password, or in the Trash?

I find the corresponding Password item (with the new generated password) in the Passwords category, and not in the Trash (I manually update the corresponding Login item and then move the Password item into the Trash)

Also, when the Login item fails to update with the new password, do you copy/paste the new password from the Password item to the Login item? Or do you click the Convert to Login button?

I do a manual copy/paste

Ben · May 2015

Thanks @inspectorG4dget. This is a fairly strange issue in that I cannot reproduce it using the same versions you've mentioned. Could you please check one other thing for me? I'd like to make sure the extension within Chrome has been updating properly. Could you please open Chrome's extension settings and let me know what version of the 1Password extension this is occurring with?

inspectorG4dget · May 2015

Details on the currently installed version chrome extension: 1Password: Password Manager and Secure Wallet 4.3.1.90

Interestingly, this problem did not present itself when I updated my password on instapaper. Since I haven't tested with instapaper before, it is a possibility that the chrome extension updated itself between the time I reported the problem and the time I checked with instapaper.
I therefore tried changing my password on westjet, and noticed that the problem still presents itself.

sjk · May 2015

Thanks for that additional information, @inspectorG4dget.

I did some testing with Facebook password changes and, like Ben, was unable to recreate the problem. Have you been using steps like in the guide for changing a saved password to do it there and on other sites?

Turns out WestJet was a whole different story …

When using Fill in 1Password mini's Password Generator on the site's Change password form, only the Retype new password field was filled but not the New password field above it. After manually copying/pasting the newly-generator password and submitting with CHANGE PASSWORD, the 1Password Update Login window didn't appear at all.

Are you also having those issues when changing your WestJet password?

Earlier you mentioned lyx.org as one of the troublesome sites. I couldn't find any login form there, only a couple forum links to other sites. Do you have a specific login URL for it?

I wasn't able to test on the ResearchGate site since it requires having some researcher credentials to join.

Thank you for your patient assistance to help get this all sorted out!

inspectorG4dget · May 2015

Whoa! That's a lot of testing effort from your end, @sjk. Thank you for putting in the time.

I have indeed been following the steps outlined in changing a saved password. I am at a loss of an explanation as to how you are unable to recreate the problem. I will make a note to check it out at my next password changing cycle.

The Update Password dialog appeared for me with WestJet, though the Behavior you mention (pertaining to filling only the retype box) rings a bell - I think I encountered that behavior as well (that website seemed to use very inconvenient JavaScript to handle their password change form).

I was incomplete in my description of the LyX issue - I have to login to the LyX ticket tracker.

Don't worry about Research Gate, I don't expect to change the password there for a while.

Thank you so much for sticking with this highly elusive issue

sjk · May 2015

Hi @inspectorG4dget,

Please accept my apology for not replying again sooner. After further investigation and testing I'm happy to return with the likely explanation for this issue. I'll keep it short for the moment:

Your Login items that don't automatically update the password after confirming the 1Password Update Login prompt, leaving behind generated Password items with the correct ones, have the wrong field designated as the password field. Editing items after creation could leave them in that state. I'm still looking into possible bugs causing it to happen and will post another follow-up with any useful findings.

The preferred workaround is to create new Login items in the main app for ones having trouble with password updating. And manually saving a new Login item should also work. Then you'll be able to change their passwords normally in the future. WestJet might still misbehave even with a new item but there's no harm trying one.

I sure hope this helps and look forward to hearing whatever results you'd like to report back here. Thanks!

inspectorG4dget · May 2015

Hi @sjk,

I will use the workaround for now, as it seems the safer option. I look forward to any other findings you're able to share

Thank you

sjk · May 2015

You're welcome, @inspectorG4dget.

No new findings yet but I'll gladly share them when I have some. :)

Update Existing Login creates a new Password, instead of updating

Comments