Exact URL matching
Comments
-
I found this thread just now as I've run into the same problem. Work has got our team using 1Password and I'm used to LastPass - LastPass has a clunky way of dealing with this exact issue, but it works.
- LastPass has a global setting to define equivalent domains (different domains that share the same credentials): https://support.logmeininc.com/lastpass/help/duplicate-stored-passwords-across-multiple-sites-lp040007
- LastPass also has a global setting to define URL matching rules: https://support.logmeininc.com/lastpass/help/manage-your-url-rules-lp040008
I personally think BitWarden handles this the best, in terms of allowing multiple URLs in a password entry (much as 1Password does), AND allowing you to specify what part of the URL is checked for a match - per @leopard_shark. It's got a sensible default that you don't need to mess with unless you run into this problem.
I don't think this is just a developer problem either. Lots of companies now use subdomains for various cloud services - i.e.,
<service>.company.com
- and each cloud service has its own password rules. As a user, I just want to be able to hitCmd-\
and press enter on all the things. Having to muck around with a dialog box and find the account I need to use is a pain.0 -
Indeed, those are interesting approaches. I am totally with you on "
Cmd-\
and press enter on all the things". At this stage, however, it's hard to justify diverting developer resources to something like this when there's work to do that will benefit a much greater number of people. It's something we'll continue to evaluate though. Thank you for your feedback!0 -
@forgot_my_password +1 . brenty, it's important feature in the web world! Don't underestimate it. This topic is here more than year and without progress. Unfortunately, for me, it could be the reason to leave 1Password.
0 -
I'm sorry to hear that, but if another tool better suits you you can use it. This is not a feature 1Password has currently, and we can't add every feature that a couple dozen folks request from us over time, as there are many features that meet that criteria. Perhaps it's something we'll do in the future, but you should make decisions based on reality, not on hypotheticals, just as we must. As you can imagine, such a feature would benefit us as well. But that's not sufficient to prioritize it over things that are of greater benefit to the other 99%+ of 1Password users. Sorry.
0 -
@brenty ,
- Logins matching the current subdomain.domain.tld which are marked as Favorites
- Logins matching the current domain.tld which are Favorites
- Logins matching the current subdomain.domain.tld which are not Favorites
- Logins matching the current domain.tld which are not Favorites
That would be nice if it worked like that but it doesn't appear to be working that way. Example:
A. devA.site.com/phpmyadmin, user1, entry named Devel...
B. devA.site.com/phpmyadmin, user2, entry named Produ....
C. site.com, user3, entry named V....
D. dev.site.com, user4, entry named V....(dev)Experience on Chrome + Edge Beta (macOS + Windows)
Go to dev.site.com/phpmyadmin
Expected result: A, B, D, C
Actual result: A, B, C, DGo to dev.site.com
Expected result: D, A, B, C
Actual result: A, B, C, DGo to site.com
Expected result: C, A, B, D
Actual result: A, B, C, DExperience on Safari:
Go to dev.site.com/phpmyadmin
Expected result: A, B, D, C
Actual result: C, A, B, DGo to dev.site.com
Expected result: D, A, B, C
Actual result: C, A, B, DGo to site.com
Expected result: D, A, B, C
Actual result: C, A, B, DSo using both extensions I get the same actual result regardless of what domain/path I was using. It is odd that I was also getting different results on different browsers.
EDIT: For some reason now in Chome when going to dev.site.com I am seeing the order being D, C, A, B which is much closer than I expected. But going to site.com will still give the result of A, B, C, D.
0 -
@bradm: I'm not seeing what you're describing with my own or test data. Generalities are not going to help, as I cannot test it without even version information (of note, this discussion is about the desktop apps), and I'm not able to take it on faith that you're not using Favorites, various settings, or URL variations that aren't having an impact on this. If you'd like to provide specifics I'll be happy to look into it: support+extension@1password.com
0 -
@brenty , ah yes, the good ol "works on my machine".
As for your questions, I am not using favourites (as far as I can tell if the order works correctly for suggestions then I would have 0 need to ever use a favourite). I am using the desktop app. As I am trialing 1Password for my company I had left all settings as stock.Versions of software used:
macOS Catalina 10.15.1.
1Password 7 desktop app, v7.4, build 70400012, installed via the AppStore
Safari 13.0.3 + 1Password 7.4 extension (it lists it as from 1Password 7 in the Safari extensions page)
Microsoft Edge (chromium) v79.0.309.18 + 1Password X v1.16.2.
Chrome v78.0.3904.97 + 1Password X v1.16.2.For Edge and Chrome I had tried to use the 1Password extension (v4.7.5.90) on account of also using the desktop app. Edge was not able to connect to the desktop app. Chrome picked it up just fine but had a 1sec+ delay when attempting to open 1Passwords password prompt. I have uninstalled that extension in both and am only running 1Password X in my chromium powered browsers.
Another oddity I found in my testing is when I am on site.com and I was expecting entry C to show first, the extension was displaying "Suggestions for dev.site.com" (even though I was clearly on site.com not dev.site.com). That could explain why site D was displaying first.
I'll email off a more detailed example with actual domain names + screenshots to support+extension@1password.com when I am next available.
0 -
Sounds good. Thanks in advance! :)
But worth noting, if you're using the 1Password X 1.16.2, that's not at all involved in this. It's an entirely self-contained extension that runs solely in the browser. Again, this discussion is about the desktop apps and their companion "desktop app required" extension. Dalton mentioned some of the differences in 1Password X and that you can type in the username field to narrow the results there though, which is a useful tip.
0 -
+1 for exact URL matching.
I'm discussing with Business Support but the outlook doesn't look great for this functionality being delivered. We recently acquired an IT company, they use an alternative password manager that enables them to seamlessly authenticate with a range of systems (single-click). Fortunately, the alternative password manager offers integration with the likes of 1Password/LastPass, etc, in so far as it launches a webpage which collects credentials - thus can be autofilled, while this slows things down it certainly doesn't make life too difficult.
Unfortunately, however, the absence of exact URL matching begins to make life difficult for an end user when they need to then identify ("search") for 1 of X items, in our case approximately 2400. So yeah, +1 for exact URL matching ;) and then sorting alphabetically.
0 -
+1. Trying to use the same password for www.example.com, www.example.ltd and www.example123.company
0 -
Just wanted to add my 2 cents here as well, I know this is not currently being looked at but for future reference if it gets prioritized. For my specific use case I am a Salesforce consultant and have access to 50+ Salesforce Orgs (not only production orgs, but sandbox orgs as well). I would love to see the ability to filter the URLs a bit better. The first use case for me is the ability for Sandboxes to filter results, you'll see below that the first URL is the production instance in Salesforce and the following are Sandboxes.
https://MyDomain.my.Salesforce.com/
https://MyDomain--Sandbox.my.Salesforce.com
https://MyDomain--Sandbox2.my.Salesforce.com
https://MyDomain--Sandbox3.my.Salesforce.com
etc…Each organization that I have access to has a similar pattern to the above example, and being able to have the matching be set as "match on SubDomain AND Domain" would be immensely helpful. Here are some real world examples of what this looks like from organization to organization.
https://apple.my.Salesforce.com/
https://apple--FullCopy.my.Salesforce.com/
https://apple--Partial.my.Salesforce.com/https://HP.my.Salesforce.com/
https://HP--UAT.my.Salesforce.com/https://Retail.my.Salesforce.com/
https://Retail--UAT.my.Salesforce.com/
https://Retail--partial.my.Salesforce.com/
https://Retail--sales.my.Salesforce.com/Currently in 1Password, if I go to any of the below URLs, all login values are shown since all are technically 'salesforce.com', but it would be great if these could have a more specific list of relevant logins rather than the large list.
0 -
Just wanted to add my 2 cents here as well, I know this is not currently being looked at but for future reference if it gets prioritized. For my specific use case I am a Salesforce consultant and have access to 50+ Salesforce Orgs (not only production orgs, but sandbox orgs as well). I would love to see the ability to filter the URLs a bit better. The first use case for me is the ability for Sandboxes to filter results, you'll see below that the first URL is the production instance in Salesforce and the following are Sandboxes.
https://MyDomain.my.Salesforce.com/
https://MyDomain--Sandbox.my.Salesforce.com
https://MyDomain--Sandbox2.my.Salesforce.com
https://MyDomain--Sandbox3.my.Salesforce.com
etc…Each organization that I have access to has a similar pattern to the above example, and being able to have the matching be set as "match on SubDomain AND Domain" would be immensely helpful. Here are some real world examples of what this looks like from organization to organization.
https://apple.my.Salesforce.com/
https://apple--FullCopy.my.Salesforce.com/
https://apple--Partial.my.Salesforce.com/https://HP.my.Salesforce.com/
https://HP--UAT.my.Salesforce.com/https://Retail.my.Salesforce.com/
https://Retail--UAT.my.Salesforce.com/
https://Retail--partial.my.Salesforce.com/
https://Retail--sales.my.Salesforce.com/Currently in 1Password, if I go to any of the below URLs, all login values are shown since all are technically 'salesforce.com', but it would be great if these could have a more specific list of relevant logins rather than the large list.
0 -
Just wanted to add my 2 cents here as well, I know this is not currently being looked at but for future reference if it gets prioritized. For my specific use case I am a Salesforce consultant and have access to 50+ Salesforce Orgs (not only production orgs, but sandbox orgs as well). I would love to see the ability to filter the URLs a bit better. The first use case for me is the ability for Sandboxes to filter results, you'll see below that the first URL is the production instance in Salesforce and the following are Sandboxes.
https://MyDomain.my.Salesforce.com/
https://MyDomain--Sandbox.my.Salesforce.com
https://MyDomain--Sandbox2.my.Salesforce.com
https://MyDomain--Sandbox3.my.Salesforce.com
etc…Each organization that I have access to has a similar pattern to the above example, and being able to have the matching be set as "match on SubDomain AND Domain" would be immensely helpful. Here are some real world examples of what this looks like from organization to organization.
https://apple.my.Salesforce.com/
https://apple--FullCopy.my.Salesforce.com/
https://apple--Partial.my.Salesforce.com/https://HP.my.Salesforce.com/
https://HP--UAT.my.Salesforce.com/https://Retail.my.Salesforce.com/
https://Retail--UAT.my.Salesforce.com/
https://Retail--partial.my.Salesforce.com/
https://Retail--sales.my.Salesforce.com/Currently in 1Password, if I go to any of the below URLs, all login values are shown since all are technically 'salesforce.com', but it would be great if these could have a more specific list of relevant logins rather than the large list.
0 -
Just wanted to add my 2 cents here as well, I know this is not currently being looked at but for future reference if it gets prioritized. For my specific use case I am a Salesforce consultant and have access to 50+ Salesforce Orgs (not only production orgs, but sandbox orgs as well). I would love to see the ability to filter the URLs a bit better. The first use case for me is the ability for Sandboxes to filter results, you'll see below that the first URL is the production instance in Salesforce and the following are Sandboxes.
https://MyDomain.my.Salesforce.com/
https://MyDomain--Sandbox.my.Salesforce.com
https://MyDomain--Sandbox2.my.Salesforce.com
https://MyDomain--Sandbox3.my.Salesforce.com
etc…Each organization that I have access to has a similar pattern to the above example, and being able to have the matching be set as "match on SubDomain AND Domain" would be immensely helpful. Here are some real world examples of what this looks like from organization to organization.
https://apple.my.Salesforce.com/
https://apple--FullCopy.my.Salesforce.com/
https://apple--Partial.my.Salesforce.com/https://HP.my.Salesforce.com/
https://HP--UAT.my.Salesforce.com/https://Retail.my.Salesforce.com/
https://Retail--UAT.my.Salesforce.com/
https://Retail--partial.my.Salesforce.com/
https://Retail--sales.my.Salesforce.com/Currently in 1Password, if I go to any of the below URLs, all login values are shown since all are technically 'salesforce.com', but it would be great if these could have a more specific list of relevant logins rather than the large list.
0