Page opens in Safari but 1Password rings up "This connection is not private".

rwakeford
rwakeford
Community Member
edited October 2017 in Mac

I've put a new login in 1Password for www.biocentreloire.fr. Trying to log in with 1Password I get the following Screenshot

However the same link opens straight away in Safari.
If I do click on the suspect link I start to get taken to a completely different address and I don't even bother to copy down the details but I delete it straight away.

_1Password Version:6.8.3 beta 2
_Extension Version:4.6.11
_OS Version:10.13.1
_Sync Type:Families

Comments

  • Lars
    Lars
    1Password Alumni

    Hi @rwakeford - What you're seeing there is an indication that the SSL (https) certificates they're apparently using at biocentreloire.fr are either expired or fraudulent or are being used to secure a different domain than the one specified. This certainly CAN mean someone's trying to steal your information, but what it means far more of the time is that the site just has their SSL misconfigured. By default, we "promote" URLs without a specified scheme (in other words, where you don't specify either http OR https), to https, because it's more secure and you should be using it wherever you can.

    However, there are some hosts who just don't use https, even for logins, etc, and on those, if you'd like them to fill correctly, you will need to put the http:// in front of the www -- so 1Password won't auto-promote it to https instead. Give that a try, and let us know how it works.

  • rwakeford
    rwakeford
    Community Member

    Many thanks.
    Thought I'd done that the first time I filled in the login but obviously not correctly because it works perfectly now. :-)
    I'll know to do that if I have the same sort of problem in the future too. The site in question just asked to fill in starting with the "www" bit.

  • Lars
    Lars
    1Password Alumni
    edited October 2017

    @rwakeford - Glad it worked for you! To be clear, you should be using https whenever and wherever you can...but sometimes, it's just not possible, and because we "promote" records without a specified URL scheme to https, you'll need to explicitly add the http to the front of the URL in your 1Password login item, on those sites you KNOW won't work over SSL. Cheers!

  • rwakeford
    rwakeford
    Community Member

    I have never before had to manually input the login details for a site ever since I bought 1Password in January 2008. I've always been politely asked by 1Password! ;-) However I'll now know what do do in future. Thanks again.

  • Lars
    Lars
    1Password Alumni

    @rwakeford - that's likely due to tightening of security. We never used to promote records that didn't specify a URL scheme, but times have changed. Most of us have more at stake in terms of online accounts and vulnerability if someone gets hold of our data than we did in 2006. I'm glad things worked out; let us know if you run into any other issues. Cheers!

This discussion has been closed.