Two of my most frequenly used sites have multi page authentication, username/password and then pin.
USAA .com and MyAT&T use multi page login, with username/password on the first page and a pin on the second. I can't believe a solution has not yet been found to consolidate these into a single login. I'm using multi logins for both sites, but really hoped for better.
The URLs for both pages are slightly different, but 1password seems to only care about the top level domain. If the URLs were more closely examined there would only be one option to pick from.
1Password Version: 5.4
Extension Version: 4.5.1
OS Version: OS X El Capitan 10.11.2
Sync Type: iCloud
Referrer: ug:mac/adding-an-identity-and-a-credit-card, ug:mac/add-more-than-one-website-to-a-login, ug:mac/, kb-search:multi page, kb:create-multi-page-login
Comments
-
Greetings @agilebob,
You're quite correct, a combination like that would require two Login items and we would display both regardless of which page you're on. The issue is getting the right balance. The paths in URLs can change for a vast number of reasons and in some places always requiring the full URL could potentially break matching. For example Google have a parameter in the URL for where to return you afterwards. We could try adding the ability for the user to specify how much of the URL is used but that places a large burden on the user and would seem likely to cause a lot of problems. So while matching on the full domain might show two items and seem sub-optimal it is robust in that it will always show those two items.
A significant shakeup in how we approach filling in general would allow us to come up with something that works better here but these sites are rare. Certain categories of sites e.g. financial are the ones that come up with all sorts of fantastical and quirky login processes but outside of these areas everybody else is so much... saner.
I would like a more comprehensive solution but I am also aware that it would likely break compatibility and it would be no small task. It could help with certain difficult sites but for the vast majority there would be no perceivable difference.
This is all just chatting about the issue at the moment. It isn't meant as a explanation before I say no, just that certain things can be complex. For example my bank requires certain digits from a PIN and certain characters from a password. 1Password can't fill on these sites as there is no standard for specifying an index and the banks are interested in doing so anyway. For this type of Login I use our new Large Type and it helps by adding an index to each character but I'm manually typing them in. I view 1Password as still helping me even if it can't fill.
0 -
Understand all you said, just thinking that if we know for a fact that a site will have a two page login. Would it be that hard to just have a way to flag it as such in the login then ad a page two field to the login item.
0 -
Greetings @agilebob,
I would say anything that potentially alters the data structure of the user's existing data is something that I wouldn't class as easy. It affects what we store which then has to be accounted for in the user interface and how we use the data. Again it isn't to suggest it's impossible but lots of care has to be taken.
Maybe there is a way to 'cheat' where we simply store multiple Login items but only show them as a single entity. It would still require work in multiple areas but could possibly be less disruptive. This is just me thinking out loud of course. I would be quite happy for the developers to correct me and tell me I'm wrong but I don't believe this will ever be seen as a small or easy modification. I would say regardless of the approach it would have to be considered carefully.
Either way, the changes would have to be carefully weighed to ensure the time to develop is being wisely spent. Factors we have to look at are what percentage of the 1Password user base benefit, how often would it be used, cost of development and in some measurable way, how much of an improvement over the existing system it represents before being compared to other bugs and requests, all in a bid to optimise and focus the developer's time for the benefit of all of our users.
There is the possibility that time spent here could have some great rewards in other areas too just to counter what might seem like a negative response. Maybe this would be one way to better work with TOTP codes for example which we would really like to do. Who knows what the future might bring :smile:
I'd also like it though if certain sites didn't make me jump through what seem like arbitrary hoops in the name of what they call security. Mostly I'm referring to banks and their whacky antics when I say that.
0
