Whenever I change password, the change password page gets defaulted as the primary site
Hi all,
I think this is more a bug that a question, but here goes...
If I login to a site and my password expires, I will be directed to the 'Change Password' page. Similarly if I receive a password reset or welcome email, I will be directed to the 'Change Password' page.
Then, like a good boy, I will use 1Password's Password Generator to create a new password.
Finally, I will change the password and 1Password will ask me if I want to add the login or update the password in the vault. Of course, I will.
Annoyingly, 1Password doesn't just update the password, it will also add the 'Change Password' page to the list of sites that the password is valid. Further, it will be the first site in the list.
The problem is that when I go to 1Password to launch the site next, it will direct me to the 'Change Password' page instead of the login page. Something I find really bothersome.
For New Logins: I would prefer that 1Password prompts me to identify the login page or simply guesses by taking the full domain and striping off the path. Further, when next I login, I would prefer it to ask me if I want to update the login page / "primary" site to the current one.
For Existing Logins: I would prefer that 1Password asks if I would like to add the current page to the list of sites or simply not add it at all, especially if there is an existing site in the same domain.
Cheers,
Derek
1Password Version: 5.x, 6.x
Extension Version: all
OS Version: OS X 10.x
Sync Type: Not Provided
Referrer: forum-search:change password page
Comments
-
Greetings @derekch,
So something doesn't seem right here, I'm just not sure why yet.
Let's use Twitter as an example. I have one website field stored in the item and it is https://twitter.com/login. Their change password page is at https://twitter.com/settings/password. I go there, paste in my old password and use the Password Generator to fill the new password fields. At this stage a new Password item is created that contains the generated password and does store the URL https://twitter.com/settings/password as that's where the generated password was used.
When I click the Save changes button I get the following window pop up.
If I click Update Existing it only alters the stored password in my existing Login item, the website field isn't touched at all and this is what I see any other time I've updated a password. The code doesn't touch the website field in this situation.
Now when you save a new Login item it does store the URL for the page you were on. I don't envisage us altering the current behaviour. If we stored just the domain we would be stopping open and fill from working for every new Login item created for every user, including all of those that created their Login item from the actual login page. The idea of asking if the user wants to update the website field if filling occurs on a page that doesn't match the URL field stored is an interesting one. Such a feature though would have to have few false positives otherwise it would become annoying fast. Should a site have any sort of dynamic aspect to the URL (there are weird sites out there) then it would result in 1Password asking every time and that would grow tiring quickly.
The first thing to do is figure out how you're managing to see website fields appear when you update an existing Login item as that shouldn't be happening.
0