Password Generator->Fill to change password, and 1Password never saved it, so I'm locked out :-(

I had a feeling this would happen someday, but I wanted to believe that AgileBits would never let it happen :-)

Went to change my Google password, used the password generator, submitted it, but 1Password never prompted to update its database, contrary to what it says here:

https://support.1password.com/change-website-password/

Yes, it does normally prompt me to save passwords. In fact, I had just let it do so with the original password about 10 minutes prior, based on what the browser had previously cached. But when I saw what the password was, I wanted to change it to something stronger. So I did, but 1Password didn't save it; I "revealed" the password it has stored, and it's still the original one, which will no longer let me in.

I can proceed with the password recovery steps, which will hopefully work. But before I do so, is there anything you want me to do to help you troubleshoot this situation?

I will point out that we have more than one Google account accessed by this browser and in 1Password. I don't know if that could be related to the source of confusion.

Let me know.

Thanks!


1Password Version: 1Password 5 Version 5.4.2 (552001) Agile Web Store
Extension Version: Chrome 4.5.1.90
OS Version: OS X 10.10.5
Sync Type: Dropbox

Comments

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Greetings @reggoboy,

    We are aware of issues relating to the 1Password Save Login window that we're hoping we'll be fixing/improving on in the next release. We've got fixes that we're happy with so far in the beta so it's mostly about when the next stable will come along.

    It isn't all bad news though. Any time you use the Password Generator to generate a password and you copy or instruct 1Password to fill we generate a Password item that is stored in your vault. If 1Password updates a Login item with the exact same password as is stored in a Password item then we remove the Password item as it is now redundant but if 1Password doesn't update a Login item then you should find there is a Password item in your vault and the title should be set to the page where it was used. I would expect you will find a Password item with the word google in it and this will be the password you feared was lost.

    If you attempt to manually log in to your Google account and copy and paste the password from the Password item you should see the standard 1Password Save Login window.

    Please do let us know how you get along.

  • reggoboy
    reggoboy
    Community Member

    Thanks for the reply, Robert.

    This also helps explain what the peculiar "Password" entries are... sort of a half-baked Login entry. Sure enough, the Password entry was there sporting the mysterious lost password, which got me back in without the need to follow the "recovery" steps. Plus, the Password entry was removed, as promised.

    Thanks again!

  • @reggoboy On behalf of littlebobbytables, you're welcome. Glad everything has been worked out nicely. :)

  • reggoboy
    reggoboy
    Community Member

    Hey, Robert, a follow up item.

    The site in this case is:

    https://support.logitech.com/en_us/register?login=true

    The Login entry I have in 1P clearly has the wrong password (it won't let me in).

    But I also have 5 Password entries for that site in 1P, too. Sure enough, the password stored in the most-recent Password entry gets me in.

    So I wanted to test what you said above:

    " If 1Password updates a Login item with the exact same password as is stored in a Password item then we remove the Password item as it is now redundant "

    First some housekeeping: In both the Login and the Password, the URL was wrong: it pointed to the account creation URL:

    https://support.logitech.com/en_us/create-account

    rather than the login link shown at the top. So I fixed both to match.

    Then I went back to the Login item, clicked Open and Fill, the login failed as expected. I copied the correct password from the Password item, pasted it in the password field in the web form. When I clicked Submit, sure enough 1P asked if I wanted to Update the Logitech Login item, which I did.

    But when I look in 1P, the password in the Login item has NOT been updated, and the Password item has NOT been removed.

    Other than spanking it for misbehaving, what do you suggest?

    Thanks in advance!

    :-)

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Greetings @reggoboy,

    I apologise, I wasn't precise enough in my description when I talked about how it should work.

    When everything is working properly what the user should (and shouldn't see) looks a little like this.

    1. You or I as the user are at a password change form and we use the Password Generator in 1Password mini. When we click the Fill button the password fields on the page should fill.
    2. Behind the scenes as I mentioned before, we create a Password item as the safety net, so no matter what there is a record of the password the Password Generator just filled.
    3. When you click the submit, change password button, whatever they've decided to label it, the 1Password Browser Extension should recognise what is happening and communicate this to 1Password mini, specifically saying "we've got a password change happening here".
    4. Based on the domain, 1Password should display a window that looks a lot like this
    5. After selecting the right Login item to update from the menu, clicking the Update Existing button will instruct 1Password to update this Login item for you and if 1Password sees that there exists a Password item in the same vault with this new password it will remove that item.

    If you are forced to manually update a Login item 1Password by copying and pasting the password from a Password item to the Login item we won't delete the Password item. So in this instance there could be manual cleanup required. There is a menu option that can be found at Help > Tools > Remove Redundant Generated Passwords which will mimic this but it isn't run automatically, we've left it for the user to initiate so that they (you and I) are in control of what happens.

    I suspect Logitech have been playing about with their site because my test Login item for there also contained the URL https://support.logitech.com/en_us/create-account?type=login&lang=en and I'm very particular about how I create my Login items. I don't create the item from the registration page but always from the login page. When I manually visit their site it now seems to be https://support.logitech.com/en_gb/home#login when I visit https://support.logitech.com/ and then click the profile icon just above the Search Support field.

    As I have a Login item for there I decided to see what happened when I changed my password. In fact as soon as I logged in they asked me to change it which took me a little by surprise but did mean I didn't have to hunt for the option :tongue: I used the Password Generator to fill the fields and when I submitted I got the following

    I had 1Password update my Login item and then tested by logging out and then in again. Everything went smoothly and the Password item titled support.logitech.com was removed.

    If you're not seeing this behaviour can I ask what versions of everything you're currently running please. I'm running 1Password 6 for Mac with the 1Password 4.5.2 Safari Extension (it's essentially the same as the 4.5.3 that you would see in both Firefox and Chrome, the difference was in preparation for a scenario that never developed). Using that configuration I can successfully update the Login items and have 1Password recognise that is what should happen. I'm hopeful we can get the same happening for you.

  • reggoboy
    reggoboy
    Community Member

    Hey Robert, thanks for your reply.

    I think I may need to clarify at this point.

    1) I was NOT performing a password change at Logitech's site nor using the 1P password generation feature last night. Perhaps those happened months ago; I don't recall. But the condition I started in yesterday was with a Login item containing a clearly old password, and secondly a Password item that did have the correct password.

    2) I did NOT manually edit the Login item at any point yesterday. Again, what may have happened months ago, I don't know.

    What I DID do manually was to COPY the good p/w from the Password item and paste it directly into Logitech's web site, so that I could get into my account. At that point, 1P correctly asked me if I wanted to update its Login item, which I said yes to.

    So for skits and grins, I just decided to try logging in fresh, to give it another go.

    After I submitted the web form using whatever password the BROWSER had cached (more out of curiosity than anything else), 1P asked if I wanted to update the Login item. Since that cached password did, in fact, get me into the site, I figured it must be the right one, so I told 1P to go ahead (as I had done last night). Checking in my database, much to my surprise, 1P had indeed updated the Login item with the correct password (unlike last night). However, the Password item still has not been deleted.

    So this morning it worked half-right. Last night it didn't work at all right. Very strange.

    1Password 6
    Version 6.0.2 (602004)
    AgileBits Store

    Safari extension 4.5.2

  • jxpx777
    jxpx777
    1Password Alumni

    @reggoboy I'm sorry for the trouble you've had. I'm glad things are sorted out for now, but I definitely don't like not properly knowing what the issue was. I did find today that there is an issue with removing some Password entries, especially if they are created by the user in the main app rather than, say, using the password generator in 1Password mini. I've opened a report to get this improved, but I don't know for sure when we could expect to see it in place.

    Again, I'm sorry for the issue you had. If you see it again or if you have any other issues, please do let us know and we'll do all we can to help sort things out.

    --
    Jamie Phelps
    Code Wrangler @ AgileBits

    ref: OPM-3792

This discussion has been closed.