Cannot fill anymore my bank login (UniCredit)

Lucar
Lucar
Community Member
edited March 2016 in 1Password in the Browser

Hi, since today i cannot anymore fill in login for my bank website:
https://online-retail.unicredit.it/login.htm

1Password fills only the username ("CODICE DI ADESIONE") but no more the password ("PIN") and hits "ENTER", leading me, obviously, to an error page. This either on my PCs and on my iPhone. Anything i can do? Thanks

btw: filling in manually, 1Password asks me to save new login/update. If i update, the thing that is updated is my password that becomes "11111111"


1Password Version: 4.6.0.604
Extension Version: 4.5.3
OS Version: Windows 7, Windows XP, iOS 9.1.2
Sync Type: Dropbox

Comments

  • Lucar
    Lucar
    Community Member
    edited March 2016

    Solved inspectioning the webpage and manually changing the web form ID in 1p (saving a new login 1p cannot read it correctly and leaves the ID empty)

    EDIT: worked only for the 1st login, and then stopped working again :(

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Hi @Lucar,

    So that seems to be a really tricky site. I'm not entire sure yet but I have to confess I have a nagging doubt at the back of my head as to whether we can work there. Can I ask, has the site changed at all very recently?

    So why the doubt? When I inspect the page before and after entering a PIN I can see that the act of entering digits into the PIN field causes the web page to change. Basically there is a hidden field that their JavaScript is creating after the first keypress in the PIN field. This hidden field has the HTML name __autentication and the value stored in it changes with each additional keypress - it's reacting to each digit typed into the PIN field. What's more it has a temporal aspect to it, deleting the typed PIN and re-entering it causes a different value to be stored so it's reacting to every keypress including the delete key. If this value is what is authenticating you with the bank's server it might be the only way to work with the site is either entering the password manually or maybe copy and paste.

    I would love to be wrong here. We have seen something like this before with an Israeli bank where the password field was altered after every keypress and how we filled simply wasn't compatible. It feels like the same issue here but I would love to be wrong and to discover that we could indeed work with this site.

    @jxpx777: Is there anything I've missed or made a mistake about? (fingers crossed Lucar that I have).

  • Lucar
    Lucar
    Community Member
    edited March 2016

    Hi @littlebobbytables, the site look is exactly the same as yesterday. But I guess something has changed, since it never gave problems before. So probably they have added the security measure you describe to avoid logging by malicious code or something like that...
    About entering data in the PIN field: of course the manual way works, and copy/paste too.

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    We'll see if @jxpx777 can think of something cunning then @Lucar. It's certainly now elegant and does diminish a bit of 1Password's usefulness but at least copy and paste works but please don't take that as any sort of indicator that this is a solution, I'm hoping it's more a temporary workaround.

    ref: OPM-990

  • Lucar
    Lucar
    Community Member

    Thanks @littlebobbytables @jxpx777, fingers crossed

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Hello @Lucar,

    There are days where I'm not sure my brain ever woke up and it seems the 4th was potentially one of them.

    Can you try something for me please. As a 1Password for Windows user there is something called Auto-Type. The first thing to do is see if it makes any difference.

    1. Load up your bank's page (https://online-retail.unicredit.it/login.htm)
    2. Click on the CODICE DI ADESIONE field so the cursor is ready to accept your username.
    3. Open 1Password for Windows, the main application's window, and select the Login item for your bank.
    4. Click the button in the toolbar titled Auto-Type which looks like this
    5. 1Password will ask if you want to use Auto-Type with this Login item and the window will look something like this
    6. If it is showing your preferred browser simply click the OK button.

    This should fill both the username and PIN fields using the details stored in your Login item. It differs from how the extension works because it's using Windows Auto-Type feature, it's just as if you typed out the username, pressed the tab key to move focus to the PIN field and then typed your PIN.

    If that allows you to successfully log in then the section titled Full-time auto-type on our page Using auto-type will show you how to set a particular Login item to always use Auto-Type. I'll be interested to know if this helps and I do apologise for not picking up on this sooner.

  • Lucar
    Lucar
    Community Member

    hi @littlebobbytables,
    yep: success! This way works. Tried both in Firefox and Chrome, and it's ok. The same using the extension/1pmini once already on the right website and with the cursor blinking in "codice di adesione" field. The only strange thing with 1pmini is that the windows opens in the bottom right corner and not near the cursor as always.

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Hi @Lucar,

    That's great news! This should mean that if you set this Login item to always use Auto-Type that you don't need to go through any different procedures when filling, you should simply be able to tell 1Password to fill like you do with other sites although do keep an eye on where the cursor starts off as Auto-Type is very dependent on the cursor being in the right place and ready to accept input. Sorry it took so long to think of the obvious thing to try given you're on Windows. I shall have to do something about removing the fog surrounding my brain!

    If you have any other problematic sites please do let us know!

  • Lucar
    Lucar
    Community Member

    hi @littlebobbytables,
    thank you very much. And thanks for pointing me at "use autotype in browser" function in the login item: i didn't know its use, but now understand (and it works: just tried).
    Thanks again.

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Hi @Lucar,

    Well you see how long it took me to remember to suggest it so I can see why some people haven't heard of it or used it before :smile: I'm just glad we managed to find a way that worked.

    Slightly off topic but a similar situation is what kept me in the forums back when I wasn't part of the team and simply a user like yourself. I had never come across the ability to manually save a Login item before and for me that massively changed how I used 1Password. I started frequenting the forums and the next thing you know I've been given an opportunity of a lifetime and now I'm part of the team. Discovering the ability to manually save a Login item still sticks in my memory though as one of those wow moments :smile:

  • Lucar
    Lucar
    Community Member

    You guys should add a "thank you" button to the board, @littlebobbytables ;)

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    If you're happy then I'm happy and that's all that matters :) If we can help again don't hesitate to reach out to us!

This discussion has been closed.