Multiple accounts matching despite different addresses?
I have some accounts that have multiple web addresses attached to them, and those accounts all correctly show up on those addresses. Then I also have some alternate accounts that are only for one, specific address each, but for some reason they still show up on different addresses where they wouldn't work.
For example, I have AD account A, with lots of addresses to stuff like sharepoint pages, ticket systems, e-mail, etc. most of which are on subdomains to the company primary domain. It also has the address of the primary domain without subdomains, which seems to make it match even on pages that aren't explicitly stored in 1P. That's all fine.
But I also admin some services on specific subdomains, for example "https://service.primarydomain.com", and for that service (and that service only) I have additional 1P accounts for local logins or test accounts.
Here's the problem: even though I have only specifically added that specific, full address of that service on that subdomain to those additional accounts, those accounts show up for ANY login to the primary domain as well. So whenever I log in to my e-mail, I now get multiple accounts suggested that will never, ever work there. It also does this for other subdomains, not just the primary domain.
Why do these accounts match on websites where they shouldn't? And is there a way to tell 1P NOT to match them anywhere other than where they're supposed to?
I haven't used any wildcards in any addresses either. It's all full https:// addresses with primary domains and subdomains.
1Password Version: 7.1
Extension Version: 7.7
OS Version: macOS 10.15.7
Sync Type: Not Provided
Comments
-
Hey @mekberg ,
1Password mainly uses the base domain of a URL to match websites, so it doesn't matter if the URL you are on has a different subdomain, prefix or suffix. As long as the base domain matches, 1Password will show that login item (and all others that have the same base domain).
So if you go to a websites "company.com" and open 1Password, it will suggest the following (as an example):
- company.com
- login.company.com
- service.company.com
- staging.company.com
- company.com/admin/console
- new.prod.company.com
- etc...
However, the order in which 1Password will suggest these logins should be:
- Favorites that contain the same base domain
- Exact matches of the URL you're currently visiting.
- All other logins that contain the same base domain.
So if you visit new.prod.company.com and there's a login item with that exact URL, it should show up first (unless you have a favorite login that also contains "company.com" in the URL, which will take precedence).
Currently this is how 1Password works with suggestions, but we're definitely getting some feedback to add such restrictional features as you have brought up here so I will add your report to the feature request's log :)
ref: dev/projects/customer-feature-requests#31
0 -
Yeah, I guess that makes a kind of sense, but still, if I had one primary domain and ten subdomains, each of which had a service with a local, unique login, the designed way for 1Password to work would be to show all ten logins on all ten subdomains (even if the correct one hopefully gets ordered on top)? You see how that might also be annoying and confusing?
Thanks, I look forward to the development on this issue.
While I have you, let me put in another vote for the ability to reference passwords on multiple accounts. While I may have an AD/LDAP account on the primary domain that works on all subdomains too, sometimes different services require the username to be formatted differently (like with or without @domain). Saving multiple accounts makes 1Password complain about "reused password", and again the same issue of prompting multiple accounts that match the primary domain, despite having configured specific subdomains on specific accounts, would impact the user as well.
0 -
Glad I could shed some light on the matter @mekberg :)
As long as 1Password shows the correct exact match at the top, things should not get annoying at all, but I can definitely see where you're coming from here.
I would also suggest you utilize favorites if you have specific login items that you use a lot more often than others, that would make things even easier.As for the multiple accounts with different username formatting, that's a very unique edge case but I'll forward it as well.
Thanks for bringing it up :+1:0 -
I don’t think it’s very unique at all, and I’ve seen requests for this for years on this very forum. It’s a common enterprise thing. All systems are connected to the same core directory service, but not all systems ONLY use that service, or use the same formatting. One system may use more than one directory, which forces the use of domain-suffix in the username, and another may only take it as a “domain\” prefix instead.
Both of these basically stem from using 1Password in large enterprise environments, and while they perhaps wouldn’t be as problematic for the private user, it should still work for all uses as well. You even offer business versions of 1Password, so clearly you have entourage use in mind as well.
I’ll look into the organizing and favoriting of my passwords, thanks.
0 -
Thank you kindly for the additional info and feedback @mekberg .
You are correct, we do have solutions for businesses and enterprises, which is exactly where this feedback should go, and that's where I'll forward it to :+1:
Much appreciated. Let me know if you have any further feedback or issues you'd like to discuss.ref: dev/projects/customer-feature-requests#16
0 -
Excellent, thanks!
0 -
You're most welcome :chuffed: :+1:
0
