App URL changes each time. How to recognize it.
Quicken has changed the way you authenticate to their online account from within Quicken. I was able to capture the App URL but the next time I used it, the URL had changed so 1P did not recognize it.
The capture URL is:
HwndWrapper[qw.exe;;7f6db16c-d33c-43c9-89c1-bdfa76d846f7]
The next time I used it, it became:
HwndWrapper[qw.exe;;7d903e7d-2818-489c-99ff-c03e4b2a0f38]
It there a way to specify a wild card string in the URL (or some other way) so that the it will be recognized?
1Password Version: 4.6.2
Extension Version: 4.6.5 (Mozilla Firefox)
OS Version: Windows 7 x64 Pro
Sync Type: WiFi Sync
Comments
-
@DoctorBrown: Wildcards aren't supported as they generally aren't necessary, but this looks to be a special case. Am I understanding correctly that this app is rotating the URL every time you use it? I'd be curious to know why Quicken is doing this as I can't really come up with any ideas of what it might accomplish for them, but regardless this isn't something I think 1Password will be able to work with. Sorry. :frown:
0 -
As near as I can tell, yes, Quicken is changing the ID embedded in the URL. I have no idea why. Would it be possible to have logic that it matches on 'if url contains'. Which is a match to part of the string. Then the url could be edited to be: contains - 'HwndWrapper[qw.exe;;' Currently, when I hit Ctrl-\, if the match is to an app window, I get a list of possible matches in the lower right corner of the screen.
0 -
Hello @DoctorBrown,
I will need to consult with our team about this question, but I don't think that it will be possible in 1Password. Unfortunately, if the app randomly changes its App URL every time you sign in to it, there is not much we can do here.
Is that App URL different every time?
Thanks!
0 -
@DoctorBrown: The tough thing is that while that would be helpful for you in this particular situation, that kind of change could open the door to make it much easier for a malicious app to try to trick you into filling your login credentials. Choosing a full app "URL" ensures that you're selecting a specific app to fill, and using a wildcard for something as generic as "HwndWrapper" (even with the qw.exe, which any app could be named, frankly), offers more risk for a very small benefit. I'm hopeful that we can make an Auto-Type feature in 1Password 7 that's even easier to use and smarter, without making it easier for users to shoot themselves in the foot, but only time will tell if that can be achieved. You can always copy and paste in these situations if you're confident that the login window is legitimate though. I'm sorry I don't have better news for you otherwise.
0 -
Oh well. Thanks for considering my suggestions. You have all been very helpful and responsive. Thank you for a job well done.
0 -
Likewise, thanks for bringing this to our attention. I'm not sure it's come up before. It definitely helps to get a sense for the issues you and others are encountering so we can take that into account as we develop 1Password in the future. :)
0
