Random Character from Password

Any update on this topic below? Has the feature been added yet? Many thanks

https://discussions.agilebits.com/discussion/24886/how-to-enter-random-characters-from-password


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Hi @ruck1984,

    We have somewhat of an approach but not one that automates it in a way some people were hoping for. This thread, My online bank asks for random digits from my password. How can I set this up? will show what we have in place in 1Password 6 for Mac which may or may not apply as I don't know if you're a Mac or Windows user. The original issue still applies, the lack of a standardised approach means automating anything will be extremely difficult and the error rate potentially so high as to make it useless which leaves client specific solutions such as the Large Type view the the Mac now has. Is this of any use to you?

  • i'll give it a go. thanks

  • Let us know how you get along and if you find Large Type useful :smile:

  • Digging up an old thread, but unfortunately I am faced with the same case - a bank I have account in, recently merged with another bank, and now I have to deal with this "secure" login form.. You can try looking yourself, just type any username: http://planet.bgzbnpparibas.pl/

    I have tried saving the form manually, and the entry is now storing each of the password letters in its appropriate field:

    ..but unfortunately this does not fill any of the fields. And it's not possible to set the type of the field to be password for more than one item.

    It's not a big deal, but I was interested if there was any progress in this. I just hope this terrible login form will be replaced, but it seems banks love them.

    Thanks,
    Tom

  • Drew_AGDrew_AG 1Password Alumni

    Hi @bzx,

    I'm afraid 1Password isn't going to be able to help automate this process for you. It's extremely difficult (if possible at all) to support automatic filling of fields that ask for random characters from your password. This works differently on each site that uses this sort of sign-in process, so even if we were able to help automate the filling process on one site, it still wouldn't work on others. And even if we made it work for one site, it would likely stop working as soon as that site made a slight change to its sign-in page. You can find a more in-depth explanation from littlebobbytables here: https://discussions.agilebits.com/discussion/comment/256389/#Comment_256389

    Your best bet is to use the Large Type feature of 1Password when you need to enter certain characters from a password. Simply hover the mouse over a password field in 1Password (or 1Password mini), click the down arrow next to the 'copy' button, and choose 'large type'. In addition to being large, each character of the password is clearly numbered to make it easy to find the one you need.

    Sorry I don't have the answer you're hoping for, but perhaps this will at least help to make that a little easier for you. We're here for you if you have more questions! :)

  • Okay, thanks, Large Type will help for sure.

    So are you saying that even though I have every password field saved (as shown below), the app will not attempt to fill it? Isn't this similar to a case where I would have a long form and each of the fields has an entry? Just trying to understand the mechanics here.

  • matthew_agmatthew_ag 1Password Alumni

    Hey @bzx,

    So are you saying that even though I have every password field saved (as shown below), the app will not attempt to fill it? Isn't this similar to a case where I would have a long form and each of the fields has an entry? Just trying to understand the mechanics here.

    This is correct I'm afraid - the matching between the web form details and web page fields can't reliably work with 1Password's filling process as it works today. Let me also give a brief overview of the process 1Password uses:

    1. First the fields on the page are collected and sent to the 1Password app.
    2. The 1Password app determines which Login is to be filled based on the web address.
    3. If there is a single match then the matching begins between the fields and the Login item. The component that takes care of this is known as the Brain.
    4. The Brain tries a number of strategies each to create a fill script which is then passed back to the extension which blindly follows the fill script's instructions.

    Since this is a Login item that the Brain is trying to fill in, all the strategies are focused on filling Login pages. On a basic login page you would have two <input> HTML elements, one of type text and another of type password - this would be the simplest and easiest to fill because the Username and Password elements of the Login item are easily matched with the fields on the page.

    Another kind of page is a multi-page Login where the username and password fields are spread across multiple pages. The Brain doesn't have any history of the pages you were previously on so it can't know that previous Login item elements have already been filled in a previous page.

    Finally the Brain tries to match every element from the web form details to a "fillable" page field from the web page. This will only work if the fields on the page don't change very much with each subsequent log in attempt. The idea is that when we attempt to fill using this method we want to be sure that the page matches what is in the Login item. If a page's fields change (for example where instead of being asked for the first, third and eight character of your password you're asked for the third, fifth and tenth) then the Brain cannot be sure that this filling strategy is correct anymore and rejects the result.

    It is sad that we can't fill this page because the field names are regular and deterministic - the problem is that the effort to fix this website would be high and wouldn't resolve the issues faced by users of other similar websites that employ this "security" technique.

    I hope that helps. Please let us know if we can be of further assistance.

    Best regards,
    Matthew

This discussion has been closed.