Same login for multiple sites
Amazon supports using same login details with all their sites (.com, .co.uk, .de etc.) But 1password does not support this, I should create different cards for every site. Could you add support for this?
I also hope you could add support for filling forms automatically, without clicking the 1Password icon in Chrome.
Thanks for your answer
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:Same login for multiple sites
Comments
-
Hi @ollifi,
You can additional website fields to a Login item and this will allow 1Password to match that particular Login item to different domains. Now it is manual but if you add them as you need to it shouldn't feel too onerous. As you can imagine adding some automated system where we accept multiple top domains would have the potential to be a big security risk so I doubt we would ever allow such a feature while the user manually adding each URL means you're consciously making a decision that this site is safe.
The requirement for the user to instruct 1Password to fill is also a security feature and we have a page that discusses that which you can find at Why doesn’t 1Password automatically fill forms when the page loads?
So in both cases it's about security. Sometimes security will conflict with user experience and these are always delicate lines to walk. Security has to be the top priority though for all our users (us included :smile:). If you have any follow up questions please do post!
1 -
Hi, thank you for your reply.
It was good to hear that you can entry several domains. But amazon.* seems not to work. Please add support for wildcards.
As a user of paid product, I'd expect little bit more customization. For example, if I want to take the risk of filling forms automatically, that's my responsibility. So please add an option for this. Additionally, browsers fill forms as well. For example, Chrome does that. If there really would be some very big risk on this, they wouldn't do that.
Another thing I'd like to customize is the behavior of Touch ID on iOS devices. I trust Touch ID. And so do several banks in the US. But 1Password doesn't. Every time I reboot my phone, I need to enter master password to 1Password and that is really uncomfortable to me. If BANKS trust it, why shouldn't you? If you really want to require master password sometimes, I'd appreciate if you could add option "never ask master password" to advanced settings.
0 -
It was good to hear that you can entry several domains. But amazon.* seems not to work. Please add support for wildcards.
@ollifi: No. This would be incredibly insecure, as then anyone could register Amazon.mom (yes, this is a valid TLD) and your Amazon Login item would be happily offered to you there. Yikes. :dizzy:
As a user of paid product, I'd expect little bit more customization. For example, if I want to take the risk of filling forms automatically, that's my responsibility. So please add an option for this. Additionally, browsers fill forms as well. For example, Chrome does that. If there really would be some very big risk on this, they wouldn't do that.
No. As you mentioned, the browsers themselves do this. Nobody needs 1Password to help them be less secure, and we're in the business of doing the opposite — and proud of it. ;)
Another thing I'd like to customize is the behavior of Touch ID on iOS devices. I trust Touch ID. And so do several banks in the US. But 1Password doesn't. Every time I reboot my phone, I need to enter master password to 1Password and that is really uncomfortable to me.
Similar to your device passcode, your Master Password can temporarily be stored in the iOS Keychain. But both your device passcode and Master Password are cleared upon restarting your device. Keep in mind that you used to have to enter this all the time, and it doesn't seem like such a huge sacrifice. :pirate:
If BANKS trust it, why shouldn't you? If you really want to require master password sometimes, I'd appreciate if you could add option "never ask master password" to advanced settings.
No. It isn't a matter of trust. Notably, my bank uses Touch ID to protect a 4 digit PIN. This does not add any security. The PIN is still the weak link. Your data is encrypted using your Master Password, and as such, your Master Password is needed to decrypt it. The security of your data depends on this principle, so this isn't something I anticipate we will change. Your data is never encrypted using your fingerprint. Touch ID is simply a way to allow you to enter your Master Password less frequently. But your vault needs your Master password.
In the end, we're happy to add convenience wherever possible, but absolutely not at the expense of security. I hope this helps! :chuffed:
0 -
Hi. I think maybe 1Password's problem is making the difference between a "normal" computer user and advanced user. For example, I would never let 1Password to enter my Amazon details to any "amazon.mom" domain for example. Sometimes you should let the user to the decision - is this safe or not. Some people don't care that much about security - so possibility to choose user expertise would help a lot.
But thank you anyway for your replies.
Btw, I'm going to complete the Finnish translation of 1Password when I have time, hopefully you can update it to your apps, then :)
0 -
Hi @ollifi,
Maybe at some point we can have a checkbox titled "I love danger" or "Advanced Settings" but for the moment we don't want to complicate matters as there are plenty of matters that need attention. As I'm sure you can understand, anything that allows the user to do something potentially unwise has to be considered very carefully. We do have a very wide range of users and anything we do has to ensure we don't place any group at risk through misconfiguration.
You say you would never enter your details at
amazon.mom
but all it takes is one lapse in concentration and we've had users thank us for looking out for them in those instances. Instances like this would be why we'd be reluctant without a very strong argument for. I hope you understand why we these decisions are usually conservative.Thank you for helping with the translations! we appreciate all your assistance there as no doubt do all of our Finnish users :smile:
0 -
Hi guys,
I'm experiencing a similar issue.
I'm a plex user and I use plex from multiple computers in and out of the house.
My problem is this:
1. I use the plex computer to check itself (localhost)
2. I use my computer to check on the plex server (ip of plex server)
3. I use the plex.tv website to access my plex server from outside my home networkNow, I've added the three addresses into 1Password's URL list and entered in the password/username fields just to be sure.
Head to the respective addresses and try to sign in.
But it seems only the top most URL is detected and processed (swapping out address 2 from the top of the URL list with address 3, seems to work).I'm not sure if I'm doing something wrong and would appreciate it if you could assist.
Additionally, I'd like to know if I can merge login items.
I'm using 1Password v4.6.0.585 on Windows 10, if that makes a difference.
Many thanks.
0 -
Hi @dotzeno,
Knowledge that you're running 1Password for Windows might turn out to be the key here :smile:
- Launch 1Password and enter 1Password's preferences.
- Switch to the Logins tab.
- Is the option Enable multiple URLs enabled or disabled? I suspect disabled (which it is by default).
- If disabled, enable and see if the issue remains.
I'm hopeful that will resolve it for you @dotzeno but please do let us know if it doesn't as I'm curious about the use of localhost and ip address.
0 -
Enabled multiple URLs - Single login in 1Password working for localhost, computer name, ip address and plex.tv.
Thanks for the help.0 -
Great to hear and thank you for reporting back @dotzeno :smile:
I hope we can be as helpful the next time you have a query.
0