Feature Request: Choose Vault When Creating a New Login
I am always working with 7 vaults combined. When creating a New Login it defaults to Personal. It would be great to be able to click on Personal (see pic) and have a drop down of my 7 vaults and let me pick which vault I'd like to place this new login in. Especially since Move is really a Copy & Delete.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
I'm unclear from your post whether you're using the stand alone version or the subscription version of 1Password 7. However, certainly in the stand alone version there's an option under 1Password 7 > Preferences > Vaults to select the default Vault for Saving.
Stephen
0 -
Subscription: Families. I realize I can change the default. The issue is I'm creating entires for one of the other six vaults. Presumably when you first create a New Login it hasn't been saved (it's only in memory) and switching the destination vault would be trivial (ha ha).
0 -
@invalidptr - Can I ask: are you creating the Login record by clicking the Plus (+) button in 1Password 7 for Mac's main window? Or are you allowing 1Password to capture your login details by way of the browser extension?
0 -
Using the Plus (+) button in 1Password 7 for Mac's main window.
0 -
@invalidptr - thanks for the confirmation; that's what I was guessing. Of course, you can use the plus button...but it's not the recommended way to create Login items. When you create a Login via the browser extension's capture, you get all the correct data fields for the page in question, not just the URL, username and password. When you use the plus button, you have to enter that manually, and often people don't get the URL for the login page correct because the login page isn't what you expect it might be.
The other substantial advantage to using the browser-capture method is that you do get a choice of vaults. 1Password still defaults to your "vault for saving" selection, but there's a drop-down for choosing a different vault. Hope that helps!
0 -
Thanks for the detailed response @lars. I've been a 1P user since 2009 and I've never been quite happy with the "add login flow". It's kinda hard to put my finger on why so bear with me. As you can see I'm closing in on 2000 documents so I've been around the block a few times. I am a programmer myself so that probably doesn't help.
- The login URL is often different from the URL used for signup
- Never been comfortable with knowing definitively whether the Password document gets converted to a Login document? (NB: to 1P credit I have never "lost" a password. If you even hint at a password, 1P does an excellent job of making sure its captured)
- In your scenario does that mean my Password document gets created in my default vault and then via the browser extension my Login document gets created in a different vault and the Password document then gets deleted?
- There is always the struggle of "Your generated password can't use the character". My "go to" here is to edit the password and change the offending character into a legal symbol character. I feel kinda lost when I've had the browser extension generate the password and now I need to tweak it. How is that supposed to work?
I will endeavor to give the browser extension another shot and try to nail down why it makes me uncomfortable.
0 -
@invalidptr - thanks for the thoughtful reply. I had you pegged based on the quality of feedback in your initial comments as someone who was quite involved in tech, so hearing you're a developer doesn't surprise me. :)
Never been comfortable with knowing definitively whether the Password document gets converted to a Login document?
It's not a 100% certain process, for sure. I'd like to be able to say I think it's somewhere around 90% of the time that a user will get asked to save a login based off the registration page, but we have no actual metrics for that (mostly because we have no idea how many times users out there are attempting to use the browser extension to capture details).
The login URL is often different from the URL used for signup.
Yup -- this is frequently true, and it can indeed be a pain -- one we can't easily overcome. 1Password (as I'm sure you probably suspect) can't "figure out" what the correct login URL should be, if the capture is attempted on a Registration page that's not the same as the usual sign-in page. What I personally do to properly capture a login record in 1Password (especially if I suspect or know for certain this is the case), is this:
- Register for the site at whatever page they use, using 1Password's password generator to create my password for the site, but do NOT save the record in 1Password (i.e. decline the pop-up prompt to save). As you say, any password generated by 1Password will be saved as a Password item, so I don't worry about losing it.
- Do any profile twiddling or other housekeeping I need to do in the account I've just created, and then sign out of this new account.
- Locate the direct login page for the site, if it exists, enter my username or email and then find the saved password item I just created earlier for this site and copy/paste that into the password field of the sign-in page.
- Click Enter or Submit (or press Enter), and this time, 1Password should offer to save the Login record, which will now be correct without a lot of extraneous registration-only details, and with the correct URL.
Another way to do it, that works if for some reason 1Password still doesn't offer to capture the login automatically upon submission is to do step one above, then find that direct login page URL and copy it. Then locate the Password item in 1Password which contains my just-generated password for the site and click "Convert to Login," pasting the URL into the "website" field in 1Password and manually entering my username/email address. Either way will work, although the latter will have created the Password entry in the "Default for Saving" vault, which would require Moving the item, as you mentioned.
And the final trick up my sleeve for this would be doing step one above, then follow these instructions for saving a login manually in 1Password. This method also allows you to select the vault into which you want the Login item saved.
In your scenario does that mean my Password document gets created in my default vault and then via the browser extension my Login document gets created in a different vault and the Password document then gets deleted?
Password items are NEVER deleted by 1Password, to avoid scenarios where you thought you saved a Login but didn't, or 1Password didn't capture it, and now you don't know what your own password is.
I feel kinda lost when I've had the browser extension generate the password and now I need to tweak it. How is that supposed to work?
Your solution is - unfortunately - about as good as it gets. Websites (well, many of them, anyway) are getting smarter about security and not engaging in either weak security practices or needlessly complicated password policies that offer dubious improvements to user security, but there are unfortunately still too many sites out there that engage in what we sometimes refer to as "security theater," forcing you to use upper and lower-case letters but not Q, B or Z, exactly three symbols unless it's Tuesday (in which case, five), the middle name of a Russian cosmonaut, and any six sequential numbers from the first thousand digits of pi. We're seeing fewer of those, but it probably won't ever go away completely. And although the above is obviously written with tongue planted firmly in cheek, I made it cartoonishly extreme intentionally to illustrate the point that we just can't design the password generator to cover every existing scenario someone at a site can dream up. We do make adjustments to how the password generator works on a pretty frequent basis, but there will always be one-offs that you just have to adjust by hand.
I hope the above was helpful, but feel free to ask any follow-ups or offer any suggestions you might have. Cheers! :)
0 -
@lars, thank’s for the detailed write-up.
Always been fascinated when Apple offers to save a password but 1P does not.
I just looked at BE > Gear > “Report Website Issue” for the first time in a while. Kinda wish there was an expedited way to report a website with “Apple offered to save but 1P did not” or “1P did not offer to save information”. Even if internally you didn’t act upon it and used it instead as a voting system (“Woah, a lot of people are experiecing trouble with $website”) Best way to report this? Go through creating a diagnostics report? Again, not looking to add work for you folks but it could help answer the metrics question.
I like what you said about saving it after creation but during first actual login. I often tell my kids to logout/login right away to make sure everything worked but modify this to do the save the second time. TBH part of my problem with this flow is two fold: 1) I hate typing (as in borking an email address) and 2) I have infinite email addresses (eye roll). As I think about this, that is part of the method to my madness… create the Login document; type in my globally unique email address for this website; prepare myself for $invalid_char_in_password; and other housekeeping (mainly to do with adding information to Section). Not looking for you to solve this… just letting you know where I’m coming from.
Here’s a crazy idea: [Checkbox] “Generate password with limited symbols”. I should have been screen capturing every time I get an $invalid_char_in_password error and see what the Venn diagram looks like. The kicker is they almost always tell you $invalid_char_in_password after your first attempt. Ugh, frustrating issue all around.
0 -
Here's another use case I ran into tonight. I'm trying to create a Driver's License document. I expanded all my vaults; selected the destination vault; then clicked on the Plus (+).
0 -
@invalidptr - Yep, I agree it would be helpful to have a selector in the manual creation field in addition to the one in the browser-capture window and the de facto one that's the vault selector in the sidebar. Thanks for the discussion and I'll run it up the flagpole. Given the hubbub around here lately with 1Password 7 for Windows and 1Password 7 for Mac in beta, plus the new 1Password Business, I can't say I'd give good odds for anyone getting to this in the near future, since it's more of a UI/convenience feature and there are at least two other ways to solve the issue right now, but it's definitely worth mentioning. Cheers, and thanks for being willing to share your ideas!
0 -
@lars I had the chance to put into practice what we discussed tonight. New signup; BE used to create a password; declined creating the Login document; logged out; signed in; accepted this second invitation to create a login document.
I'm scratching my head because the Login document has two websites. The signup URL first and then the sign_in URL. How did two URLs get in there? I'll inspect things closer next time but I'd say this a bug... if you're gonna capture the signup URL at least make it the second entry. "URL at time of Login document creation should hold the #1 spot."
0 -
Hello @invalidptr,
I have a couple of quick questions if you don't mind. When you say BE, does that stand for beta extension or something else? I just want to make sure I'm following the context properly :smile: The other one is how would you feel about sharing the URL for the example site you referenced in your last post. I'm curious to match how it's designed with how we're saving to see if I can understand why it has done what it has done too. I agree that if two URLs are going to be saved, if there's a good way of identifying one over the other then it would be handy for 1Password to do so for the reasons you've specified.
0 -
BE = Browser Extension
Website: https://bignerdranch.influitive.com/users/sign_up
Website: https://bignerdranch.influitive.com/users/sign_inThey are both labeled "website" and in the order I see them. Is this a "sort order" issue? If "Open & Fill" were implemented which would fire?
0 -
Regarding my idea of a Venn diagram of allowed special characters... I just created new password for AT&T/Yahoo and the only two special characters allowed were underscore and hyphen. Sheesh!
0 -
OK, just created a new login from scratch with the flow: Browser Extension used to create a password; declined creating the Login document; logged out; signed in; accepted this second invitation to create a login document.
This time I viewed the Password document and saw that indeed the URL was saved. When I created the Login document, 1P7 converted the Password document to a Login document as you would expect. Both URLs are saved with the "create account" URL first and the login URL second. Until Open and Fill is implemented I can't be certain this a bug or not (if Open & Fill takes me to the "create account" URL it's a bug).
0 -
@invalidptr - I can't test using your above links; for me, it's showing I need a join code to get to the sign-up page. All I can see is the sign-IN page. But that's OK -- let us what you discover, once Open & Fill is updated for 1Password 7 for Mac. The only thing that makes me a little curious is that unless the page itself is directing it to do so, 1Password shouldn't "convert" the Password item into a Login item the way it would if you clicked "Convert to Login," especially if there are different URLs for sign-up and sign-in. You should have a Password item, generated on the sign-up page, but the saved login item would be from a different URL. That alone should prevent any sort of "conversion" or deletion of the Password item.
0 -
@lars In my prior post, I experienced the Password item conversion to Login item with the following two URLs (I have a problem with Kickstarter spam so now, every new Kickstarter for me is with a new unique email and therefore new account)
Signup: https://www.kickstarter.com/projects/1252280491/myst-25th-anniversary-collection/checkouts/86432809/thanks?clicked_reward=&event=create&pos=&ref=
Login: https://www.kickstarter.com/login?ref=navI presumed since the domains were the same the conversion occurred. I went to the 1P7 Password tab > sorted by Date Modified to be certain a Login document wasn't being left around.
0 -
Thanks @invalidptr. I’ll check with development and see what the intention is here. Sorry for the delay.
Ben
0 -
OK, just created a new login from scratch with Version 7.0.BETA-9 (70000009).
The flow: Browser Extension used to create a password; declined creating the Login document; logged out; signed in; accepted this second invitation to create a login document.
I believe we now have your expected behavior:
- I have a Password item
- I have a Login item
- Both items have a URL that starts with https://www.restaurant.com/
My question is: What is your feeling about the two documents? The Password item document feels redundant. Invoke "Remove Redundant Generated Passwords"?
You're not going to believe this...
- I went the "Remove Redundant Generated Passwords" route.
- When I invoked the command it offered to move 14 Password items to the trash which I did.
- But it didn't remove the Password item I just created.
- When I run "Remove Redundant Generated Passwords" I get "No redundant passwords to clean up"
- When I search for the password I get two documents: the new Password item and new Login item
- Note: I had to tweak the password that was generated (it was 1 char too long) and I just noticed Password items don't have the notion of "show previously used passwords". (I thought maybe a Password item with two passwords in it might not get deleted).
0 -
@invalidptr - yeah, you'll get that if you alter the generated password. It wasn't actually generated by 1Password if you make changes to it (even if all you did was add, change or delete a single character). If you try it again with a site on which you don't make changes to the password, you should get the expected behavior and be able to remove the generated password with the "Remove redundant" command.
There's also a way, using Terminal, to Disable Password item creation when copying password from Password Generator in the mini. If you think that would be of value, I'd be happy to send you the commands to do that, just let me know. :)
0 -
@lars So you're saying that by editing the 1Password generated Password item I've effectively excluded it from the "remove redundant" process. Fascinating...
Regarding your second paragraph, Disabling Password item creation. I find that a little scary given my flow:
(1) Browser Extension used to create a password; (2)declined creating the Login document; (3)logged out; (4)signed in; (5)accepted this second invitation to create a login document.
If I understand correctly, if I had "Disable Password item creation" enabled; I would need to make sure I save the at step 1; otherwise it would be lost forever.
0 -
@invalidptr: I'm not sure I follow. Certainly if you don't save it and tell 1Password not to as well, it will be lost. But it sounds like, from the steps you listed, you are saving it. Is that not the case? Otherwise I'm not sure how 1Password can help if you refuse to save. :(
0