1Password saving wrong field in password update?
I used 1Password desktop app to generate a new password for an existing login and I guess instead of using the "copy" button I selected the password text and hit command-C. Then I pasted in the new password into https://offsite.ul.ie/passwordreset/UsernameChangePassword.aspx and hit "Update". The Chrome extension offered to update existing login or create a new one. I opted to create a new one, and cancelled the edit in 1Password desktop, expecting to now have the old password in the old entry, and the new password in the new entry.
Instead, I seem to have the old password in both entries and no way of retrieving the newly-generated password (since I manually copied the password from the edit field). Am I hosed?
1Password Version: 6.1
Extension Version: 4.5.5.90
OS Version: OSX 10.11.3
Sync Type: Dropbox
Referrer: kb:recover-unsaved-password
Comments
-
Hi @CupawnTae,
Thank you for reporting this. I can reproduce the issue on Amazon and I suspect it's down to 1Password getting confused over which of the multiple password fields contains the password you want to keep (Amazon's change password page has three fields, one for the old password, two for the new one). Assuming the change password page for the site you mention is similar I expect it to be the same bug.
I do believe that if you had updated the existing Login item it would have correctly recorded the new password. That's just an aside though.
What you will really want to learn is where is the new password and you should find that you have a Password item in your vault with a title something along the lines of
offsite.ul.ie
. It will contain the new password generated by our Password Generator. Whether you use the fill or copy button in the Password Generator interface or use⌘C
to copy it to the clipboard, any action which suggests you're using the password for something will cause 1Password to create a Password item with that password - it's our safety net. You will then be able to copy the password from the Password item and use it to manually update one of your Login items so you can then use it again. After you're happy you can log back in you can safely delete the Password item and return to a less stressed state (an understandable stressed state when you think you're hosed).If you find this doesn't tally with what you can see please do let us know but any action in the Password Generator will create the Password item and we should only remove the item programmatically if we have a Login item for the same domain with the same password which you don't and neither did I when I tested. We'll wait to hear back from you though.
0 -
Hi @littlebobbytables. Thanks for your reply.
There are no generated password entries for yesterday unfortunately. I've done a bit of experimenting, and it seems that the generator doesn't generate a history trail if you invoke it through the "edit entry" screen...
I verified that an entry is created if I go to the password generator via 1Password mini, but unfortunately I went via the edit screen yesterday.
0 -
You should still have the previous password in the Previously Used Passwords list in that item.
0 -
@jxpx777 unfortunately, it's not the previous password I've lost, it's the newly generated one. I didn't save the existing entry after generating the password, because as far as I was concerned, I had saved the new password in a new entry. But it seems the bug @littlebobbytables mentioned meant it was the old password that got saved. And because of the way I had generated the password, no history was saved. Seems like a very unfortunate combination of circumstances :(
0 -
@CupawnTae Oh, I'm sorry. I think I misunderstood the situation that occurred. It does now sound like an unfortunate series of events combining to cause this issue. I'm sorry for this bad experience! :(
0