Double records

Hi.

Sometimes, when I save a new login (automatically in Chrome extension popup window), two items are created. In categoryes Logins and Passwords.

Login is OK, username, password, website and description is saved properly.
But second is only password and website (+ default description "Password"). Entryes is identical with Login.

I use Chrome 64.0.3282.167 64bit

Example website: https://www.itnetwork.cz/registrace
(I'm sorry, it is in czech language).

Thanks.


1Password Version: 6.8.496
Extension Version: 4.6.12.90
OS Version: Windows 7 64bit
Sync Type: Team Pro

Comments

  • Greg
    Greg
    1Password Alumni

    Hello @Ludvik,

    Thank you for reporting this!

    Do you happen to use a password generator in 1Password extension to generate a password for your new Login? The thing is that when you generate a password with the help of a password generator in 1Password extension, it is automatically saved as an item in the Passwords category of your vault. It works as a backup plan, if you happen not to save a Login item you generated a password for. After that, when you select All Items view in 1Password, you will see those password items alongside your Login items. If you want to avoid it, please select Logins category and you will see your Login items only. Moreover, you can always delete items from Password category if you are sure that all of your Logins are okay.

    Please let me know if it helps. Thank you in advance!

    Cheers,
    Greg

  • Ludvik
    Ludvik
    Community Member

    Thanks. I did not think so. Good idea.

    But it would be advisable to tag this items with a flag or tag.

  • Greg
    Greg
    1Password Alumni

    @Ludvik: All those items are saved in Passwords category. Is there a specific reason why you want to put an additional tag on them?

    Thanks! :+1:

    Cheers,
    Greg

  • Ludvik
    Ludvik
    Community Member

    Because I use Password category for my own records ... for example keys for backup files, ciphered disk partitions, passphrase for RSA keys, and so on (data not related to websites - an attachment in each record type would help me.).

    Specific flag allow easyest deleting this items.

  • AGAlumB
    AGAlumB
    1Password Alumni

    That's not something we design around, but it's something we can consider for the future. Thanks for your feedback! :)

  • Ludvik
    Ludvik
    Community Member

    Another problem with this: saving in active vault is wrong. It causes a pasword leak to team members in some situations!

    It must be in Private vault only.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Ludvik: What do you mean? 1Password will save to the vault you've selected. If you don't want to save to that one, you can always select another before adding new data. Can you elaborate?

  • Ludvik
    Ludvik
    Community Member

    I spoke about "automatic password backup" - this is done to vault I previously selected for saving login.

    For example:
    I create new login for eshop site in shared "eshops" vault. This is OK. After X hours I try creating login to another site, I use password generator. Application create "password" in "eshops" ... and after this I select Private vault to save login, because it is my own ...

    After that action is Login record in Private vault, but backup copy is in "eshops" - other team members see this.

    For password backup I cannot select vault. This is problem. It must by in Private only.

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited February 2019

    @Ludvik: Ah, I see what you mean. Thank you for clarifying! I'm sorry for the confusion. It's important to note that when you're using the password generator (which saves a new Password item), this is not part of you saving the Login. So it sounds like you're saving the Login afterward and then changing the location to save that item.

    Unfortunately when you generated and saved the Password item, 1Password has no way of knowing that you would later use that password to save a login in another vault. To be clear, this is how 1Password for Mac works as well: it will respect your default vault for saving when it saves generated passwords on use.

    I think it's worth re-evaulating, so I'll bring it up with the team. It hasn't come up before though, I'm guessing because most people (myself included) don't set the default vault for saving to somewhere they wouldn't be okay with items being saved to by default. You might want to consider setting that to a non-shared vault if you're concerned about inadvertently saving things there. Definitely something we'll look at more though. Thank you so much for bringing this up! :)

    ref: xplatform/b5book#796

  • Ludvik
    Ludvik
    Community Member

    I had default vault to Private ... unfortunatelly this setting is not permanent. If I change it in moment saving login ... it change in application settings too. I would not suppose that.

    For security reasons ... please update your app. It is very very big problem in teams ... I can not even delete it, it remains in the thrash.
    Thanks.

    My english not good, sorry. The discussion may be long with me.

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited March 2018

    I had default vault to Private ... unfortunatelly this setting is not permanent. If I change it in moment saving login ... it change in application settings too. I would not suppose that.

    @Ludvik: Earlier you seemed to be saying that you'd set your team vault as the default. I'm sorry if I misunderstood. I'm not able to reproduce what you're saying here though. 1Password is correctly saving to the vault I set as the default. Which version are you using?

    For security reasons ... please update your app. It is very very big problem in teams ... I can not even delete it, it remains in the thrash. Thanks.

    Are you getting an error when you try to empty the Trash in the Windows app? How about on 1Password.com in your web browser? Keep in mind that you can always change the password if you're concerned someone else might have it.

    My english not good, sorry. The discussion may be long with me.

    Your English is fine. I just misunderstood earlier because I'm not seeing the behaviour you're describing. Thanks for being patient with me!

  • Ludvik
    Ludvik
    Community Member
    edited March 2018

    I have last version 6.8.496 (membership: Team), Windows 7 64bit (with all updates), Chrome browser 64.0.3282.186 64bit, 1password extension 4.7.0.90.

    1password is correctly saving to default vault. But default vault is not default definitive.

    In dialog for saving new login I may switch to another Vault. After that - default vault is this selected, not previous (in app settings - key F9).

    For example, starting with this:

    Save login to another Vault:

    Result in app settings is:

    Next using of password generator save "password" to "Pat&Mat". It is not secure - it depends on my eyes and brain. I need to know what I have set before every password generator is used. Between this actions may be many hours, or days.

    My idea is:
    1. default vault must be definitive. Change must only by my hand.
    2. or double settings - one for default as is now and second for this automatic password saving.
    3. or this automatic saving to PRIVATE vault only. In every situations.

    I prefer number 2. It could create a special vault for automatic password save.

    Thrash is possible empty only all items simultaneously, not one by one. Thrash has its advantages, wiping it all can be a bad idea.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Ludvik: Okay. That's the bug. Thank you so much! I apologize for taking so long to grasp what you're saying, and I appreciate you making it so clear. You're absolutely right: when you change to another vault 1Password should not also change that global setting you've specified for the default. We'll get it fixed. Thanks for bringing this up!

    We don't currently have plans for individually clearing items from the Trash since you can always restore (or destroy) an individual item that's already been removed from the Trash, but it's something we'll look into. Thank you again!

    ref: OPW6-1959

This discussion has been closed.