Filling One Time Passwords
Comments
-
In git's defence I was doing some huge refactorings and a few of them went sideways and I had to abort. Without git I don't think I'd ever survive! With that said, I learned long ago to avoid
stashand to keep my branching to a minimum. Git can handle those just fine but I can't! :)0 -
Facebook doesn't work, it fills in my email/username for the OTP.
0 -
Awesome! :) :+1:
--
Andrew Beyer (Ann Arbor, MI)
Lifeline @ AgileBits0 -
@prime: I haven't used my Dropbox account in quite a while (ever since I started using a 1Password.com account). I'm ashamed to admit I didn't have two-step verification set up. However, my account is more secure now, and I've created a fix to fill a TOTP on Dropbox.com correctly. This change should be part of our next build. Thanks!
--
Andrew Beyer (Ann Arbor, MI)
Lifeline @ AgileBits0 -
It appears my change for Dropbox.com inadvertently fixed Evernote.com as well. Like you, I'm in the process of trying every login I have that supports TOTP. :) :+1:
--
Andrew Beyer (Ann Arbor, MI)
Lifeline @ AgileBits0 -
FYI,
TOTP on https://www.betterment.com/ does not fill correctly.
In general, I have been quiet since the extension has been working pretty well for me. I have notices a few bugs, but others have started forum threads for those issues.
EDIT: Included inspector attachment
0 -
Hey @Fooligan,
Thanks for letting us know and especially providing the screenshot! Oh my, did you see the id they are using on that input field?
web_second_factor_authentication_verification_codeis quite the mouthful. I'll submit a fix for this tonight and pending approval it will be in the next build of 1Password for Chrome.--
Andrew Beyer (Ann Arbor, MI)
Lifeline @ AgileBits0 -
Hello,
Thank you very much for accepting my request to be part of the 1Password for Chrome OS beta program! Really liking the new interface and plugin.
I use a service called https://privacy.com, which can generate per-site or per-transaction "virtual" credit cards (that are backed by a bank account), which uses TOTP based 2FA.
Similar to the report from a user above regarding Facebook, where 1password fills in the "username" in place of the TOTP code, I'm experiencing a similar issue on privacy.com.
Here is a screenshot of this page:
And, below is the snippet of the HTML source code of the
<form />as seen on the TOTP code page:<div class="step ng-binding"> <h1>Two-Factor Auth</h1>true<!-- ngIf: twoFactorAuth --> <p class="ng-scope">Enter your time-based one-time access code</p><!-- end ngIf: twoFactorAuth --><!-- ngIf: !twoFactorAuth --> <form class="ng-pristine ng-invalid ng-invalid-required ng-valid-maxlength" id="form" method="post" name="form" novalidate="" role="form"> <div class="error-description ng-binding ng-hide"></div> <div class="fields"> <label><span>Code</span><input autofocus="" class="text -large -monospace -uppercase ng-pristine ng-empty ng-invalid ng-invalid-required ng-valid-maxlength ng-touched" maxlength="6" name="token" placeholder="000000" required=""></label> </div> <div class="controls"> <button class="primary" name="submit" type="text">Complete Log in</button><!-- ngIf: twoFactorAuth --> <div class="ng-scope"> <p><input class="ng-pristine ng-untouched ng-valid ng-empty" id="rememberDevice" name="rememberDevice" type="checkbox"><label for="rememberDevice">Remember this device for 30 days</label></p> <p><a>Lost your 2FA device?</a></p> </div><!-- end ngIf: twoFactorAuth --> </div> </form> </div>Hope this information is sufficient to fix the login flow.
Thank you!
0 -
Hey @vivekkrish,
Welcome to the 1Password for Chrome beta and our Support Forum!
I've taken a look at what you've posted (which was perfect) and created a fix for this website on my machine. This fix should be included in our next release of 1Password for Chrome.
Thanks for your help! Let us know if you find any other websites that have issues filling an OTP.
--
Andrew Beyer (Ann Arbor, MI)
Lifeline @ AgileBits0 -
While I don't really use the TOTP feature of 1Password I figured I'd give it a quick try because this is a beta after all...
I found an issue with the TOTP my broker (degiro.nl) asks. The relevant HTML piece:
<form action="#" method="POST" autocomplete="off" class="otp-verification__form___3aQCI form__form___q2r5R"><div class="input__inputControl___1uxe7 otp-verification__formControl___3esFm form__formControl___2rQW7 form__formLine___2fPOu"><div class="input__inputFieldWrapper___2uHtW"><input type="tel" id="0.18868595353197515" name="oneTimePassword" required="" autofocus="true" autocomplete="off" value="" placeholder="012345" class="input__inputField___3oVZK typography__bodyText___vvcwl index__baseTextStyle___3wqh1 input__inputFieldCenter___3fUZP otp-verification__formControlInput___3frjZ typography__h2___2qMID typography__bodyText___vvcwl index__baseTextStyle___3wqh1" data-com.onepassword.iv="" maxlength="7"></div></div><div class="otp-verification__formLine___2B6iC form__formLine___2fPOu"><button type="submit" class="button__button___h_oAL typography__bodyText___vvcwl index__baseTextStyle___3wqh1 button__buttonInactive___3LgNJ " disabled="">Verifieer GA-code</button></div></form>Although they gave the input field a phone number type ('tel', seriously?) it should be easy to recognize I guess because the name of the input field is "oneTimePassword".
Edit: I'm sorry, I don't know how to format this any better.
0 -
So I'm testing this in Chrome on macOS because I don't own a Chromebook (though I'm contemplating buying a used one to test with)...and it's quite nice! However, the TOTP autofill didn't work on the site I tried it on so far, which is one of our internal tools we use at work for storing customer documentation, IT Glue. The login page is https://indeedit.itglue.com and the TOTP field appears below the user/password fields after submission when TOTP is enabled for an account. I can pull some details if needed since you wouldn't be able to see it without credentials; let me know what you need. Not a super high priority, just wanted to report :-)
0 -
Hi :smile:
2FA isn't working in GitLab self-hosted in 1P 0.8.4
Cheers!
/Jesper
0 -
Ok, I've now got the 0.8.5 plugin, but still I don't get the TOTP in the field when using self-hosted GitLab. When using the plugin, I get my email address (username) instead of the TOTP.
What exactly is the workflow to get a TOTP field filled out with the correct value?
Edit: Ok, I have tested the workflow in GitHub and the TOTP is correctly filled there. Then there must still be issues with the self-hosted GitLab.
0 -
OTP works flawlessly with Digital Ocean - great! :+1:
0 -
Great! :) :+1:
--
Andrew Beyer (Ann Arbor, MI)
Lifeline @ AgileBits0 -
It pastes the username again rather than the 2FA code at protonmail.com/protonvpn.com.
0 -
@ThatChris: Thanks! I've already fixed ProtonMail (on my machine at least), but surprisingly there's something different with the login form on ProtonVPN that is causing an issue. I'll add this to my list and hopefully get you a fix out in the next release.
Have a rockin' week!
--
Andrew Beyer (Ann Arbor, MI)
Lifeline @ AgileBits0 -
@greew: I broke down and set up my own Gitlab self-hosted site via docker. Our latest release 0.9.1 has some changes that should support TOTP filling, but please let me know if it's not working for you.
@ThatChris: ProtonMail should work for sure, but please let me know if it doesn't. On ProtonVPN, it's going to depend on how your item was created but there's a good chance TOTP filling is working for you there as well.
Thanks for your help, we greatly appreciate your feedback.
--
Andrew Beyer (Ann Arbor, MI)
Lifeline @ AgileBits0 -
I've just tried to use a login with TOTP (github.com) and after filling the username and password, the "Authentication code" screen is displayed and nothing is filled until I click the 1P icon in the menu bar again and select the Github item. Then it fills the TOTP. Is this how it is supposed to work?
0 -
@Manaburner: At the moment, yes. We have some ideas to make further improvements in the future, so stay tuned for more updates.
I hope you have a pleasant weekend.
--
Andrew Beyer (Ann Arbor, MI)
Lifeline @ AgileBits0 -
@beyer
thank you for clarifying.
Have a nice weekend too. :)0 -
:) :+1:
0
