1Password does not work for the main sites I need it for!!

I purchased 1Password three days ago after been severely hacked twice. It's been a nightmare trying to work out how to use it, even after watching the training videos on YouTube. Worst of all, it actually doesn't work at all on the site that I need it most for - my bank!! I logged into my bank and went through the steps to change my password, to ensure it was a strong as possible. I used 1Password to generate a new password, as I'd managed to do for other sites, and the banking website said that all was good and that I'd successfully changed my password. There it was, all nice and neat with its little icon in my 1Password list. But then I go to login to my banking account later that evening and guess what?? No way of logging in. Even when I manually copied and pasted the password from 1Password, it was incorrect according to the banking website. So I went in and laboriously changed all the passwords again, once again using the password generator. Told that I'd successfully updated my password I happily logged out and went to log in again, just to make sure. NO LUCK! Once again, the login was unsuccessful and it did not accept the stored password. So I've bought a lemon. AND I've had no response to the emails I sent asking for help, OR to the comments I left on the FB page and, so far, no response to my messages on Twitter. I am so frustrated I actually cried tonight. This has been highly stressful trying to get this program to work across my computer and my phone. And I should add that I'm a university professor, very proficient with computers. This program simply does not work in the way it is supposed to and I am really really fed up.


1Password Version: 6
Extension Version: Not Provided
OS Version: Sierra 10.12.2
Sync Type: Dropbox
Referrer: forum-search:how to post a comment

Comments

  • matthew_ag
    matthew_ag
    1Password Alumni

    Hi @Felice,

    I'm terribly sorry to hear about you having been hacked, for the poor experience so far and all the stress involved. I hope I can help get 1Password working for you as expected and help you lead a more secure life. 1Password should help you feel more secure not more stressed. Let's fix that!

    I'm very sorry about the lack of response to your emails, I have checked our support ticket list but can't see any emails from the email address you signed up to the Forum with. Perhaps you used a different email address to contact us with? Please don't copy any email addresses here though, if you wish we can continue this discussion privately - just reply here and let me know if you'd like to do that and I can create a support ticket with you directly.

    If however you're willing to discuss this on the forum, let's try and figure out the problem with the banking website. It sounds like the banking website allowed you to change your password to something that wasn't accepted later on. Unfortunately this is possible if the bank only accepts passwords of a certain length but does not enforce that maximum length when you're entering the new password. So for example, if the maximum password length the bank accepts was 10 characters and you used 1Password to generate a password with 25 characters then it's possible that the bank's website stripped off the last 15 characters of your password. This might have happened if you used the Password Generator to Fill in the new password or copied and pasted the new password into the Password Change form. Then once you clicked "Save" on the form, 1Password thought that your new password was the one with 25 characters but when you log out and tried to log back in it failed because the bank thought your password was only the first 10 characters. Hence you got locked out.

    This of course is just a guess at what is happening. If you're able to log back into your bank now and view the Password Change form, do you see any mention of what limits the bank imposes on passwords, e.g. maximum / minimum number of characters. If you don't, you could try entering various random passwords into the field to see if any error messages appear (needless to say this is only for testing purposes, please don't save any changes yet).

    Hopefully once we understand the password requirements of your bank we can figure out how to create a password that will work correctly.

    Best regards,
    Matthew

  • Felice
    Felice
    Community Member

    Thanks Matthew. I noted the bank restrictions on the length and composition of the password at the start, and generated a password that fitted those criteria from the first. However, I might try making it even shorter and seeing if that helps. It seems ridiculous that the bank wouldn't want the longest and most complex password possible doesn't' it? But my bank seems very amateurish in a number of respects. At this stage though, I did generate a password that fitted the bank criteria and still had this issue so I'm not sure it's that. I will try with a shorter password though.

  • Felice
    Felice
    Community Member

    Well this is interesting. I just reset my bank password manually, using a password that I generated (NOT a 1Password generated password). 1Password offered to save this as a login, so I said yes. Then I checked the password it had saved, using the 'reveal' button and guess what? It was a completely different password to the one I had chosen and set myself!!!!! So from what I can tell, this program is highly problematic and buggy

  • jxpx777
    jxpx777
    1Password Alumni

    Which bank is it? There are a few banks such as several Westpac owned banks in Australia that actually do change the value in a way that 1Password doesn't detect. But, if you change the password to the correct value, it should fill properly.

  • Felice
    Felice
    Community Member

    It's Bank of Melbourne, which is Westpac owned. I made my own password and 1Password offered to save it as the login. So I pressed 'yes' or 'save' or whatever, but when I 'revealed' it, the password it had saved was completely different

  • jxpx777
    jxpx777
    1Password Alumni

    Hi, @Felice. Glad to know I was on the right track! Please see this post where I describe the problem in more detail.

    In order to have 1Password work for this site, you'll need to manually update the password in 1Password to the correct one that you generated. Then, make sure the Bank of Melbourne URL is in the list of sites that are excluded from autosave in 1Password > Preferences > Browsers. Each time, the site will transform your password into a totally different value and this will be recognized by 1Password as needing a new Login saved if autosave is allowed for the site.

    I hope that helps. Let us know how it goes!

  • Felice
    Felice
    Community Member

    ah, that makes sense. I read that post - BoM has the WORST (meaning almost non-existent) security processes. As long as someone knows your birthdate and has access to your phone number, they can go in and change all your passwords and security codes in 30 seconds. My phone number has been ported twice and my bank hacked as a result and it's the bank's fault.
    I'll go and sort that out now. I do wish that had been made clear in some way on your website or in a memo somewhere. It would have saved considerable stress and frustration! Cheers

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Hi @Felice,

    Sorry for the confusion although after reading the entire thread I am at least happy to hear there was one small victory in terms of getting a working Login item. Obviously you've still got quite the battle in front of you to ensure everything remains secure even if you're using 1Password and we feel for you. Banks, well financial institutes in general is pretty much a trigger item for me for so many different reasons. Your idea of somehow notifying users has merit although I don't think we've got anything in properly in place that would do so right now. You'd really want the first level of warning right when 1Password offers to save so you have the heads up and if we keep a list and 1Password can utilise it we'd better have a way to ensure its kept up to date as bad information is possibly even worse than none at all. It would be nice if saving on a known site could give you a heads up though, I can't disagree with that.

This discussion has been closed.