Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

JoelBC

macrumors 6502a
Original poster
Jun 16, 2012
923
61
I am new to 1Password and am in the process of setting it up...

I am somewhat confused about forums settings when using 1Password...let me explain...

1. Before 1Password I had each forum setup to "remember me" such that the next time I went to the forum I did not have to re-enter my credentials.

2. With 1Password I am thinking that I should "NOT" use the "remember me" feature as this negates the very purpose of 1Password.

Is the above correct noting that the reason that I am confused is that some websites which I have now setup per 2 above do not seem to be storing my cookies correctly even after having cleared my cache and my cookies are starting over again.

Thanks in advance for the help.


Joel
 

Brian33

macrumors 65816
Apr 30, 2008
1,407
345
USA (Virginia)
Hi! I'm a little confused about your question. I use 1Password and I set up all my website logins as per your number 2 above.

I don't think that should change anything about the site's cookies, except the cookie(s) used to "remember" should no longer be used.

I hope you get it straightened out, as I've found 1Password to be one of my most important and useful apps!
 

CylonGlitch

macrumors 68030
Jul 7, 2009
2,956
268
Nashville
1Password sometimes to be smart often. If you aren't logged in, it will automatically log you in if it can. Thus it will act as if you have cookies enabled.
 

scarred

macrumors 6502a
Jul 24, 2011
516
1
With 1Password installed I still make use of the "remember me" feature of websites. I have turned off the web browser storing passwords, so the only thing getting saved are website cookies.

The difference between now and then? I "Reset Safari" (delete all cookies) quite often now. Anytime I take my macbook out of the house, for example.
 

JoelBC

macrumors 6502a
Original poster
Jun 16, 2012
923
61
Appreciate all of the answers but continue to be confused and run into problems so hopefully you can assist...

I am now using the following process:

1. Enter the URL...

2. Log on WITHOUT "remember me"

3. Look through the postings / website

4. When done purposely log out [though I wonder whether this step is necessary given that because "remember me" is not being used the website will not auto log me on when I next return]

I am getting mixed results in that for some sites when I enter they are showing no new posts even though -- by the date and time stamp -- there are clearly new posts.

I continue to think that the correct / right approach is as explained through steps 1. to 4. above but am wondering -- as I am not terribly knowledgeable about cookies -- whether or not my process is flawed because -- depending on the forums software -- I sometimes get the message:

vBulletin Message
All cookies cleared!
Return to the page you were previously viewing
Go to forums index

I would appreciate some assistance as to the proper combination / usage combination of 1Password / Remember Me (i.e. USE / DO NOT USE) / Log Out (YES / NO) / Etc. so that the websites will consistently mark those posts that are new since my last visit.

With much thanks,

Joel
 
Last edited:

JoelBC

macrumors 6502a
Original poster
Jun 16, 2012
923
61
Bump with and update....

I know have 1Password fully setup with all / most of my websites and find that it generally works as advertised which means very well...I would appreciate some assistance / checking with the following instances / websites to make sure that the issues lies with the 1Password or the website and not me.

1. The website is http://forums.fourtitude.com/forumdisplay.php?870-TT-TTS-amp-TTRS-(Mk2-a5-chassis) . This is he one forum where that never indicates new posts (which is driving me nuts).

2. The website http://player.siriusxm.ca/#view=login as the username and password are never entered (i.e. nothing happens).

The same situation exists for http://www.ttforum.co.uk/forum/ucp.php?mode=login .

3. The website https://login.oracle.com/mysso/signon.jsp is an interesting one in that it does let one navigate to it via "bookmarked URLs". To be clear, adding the URL to 1Password results in the message

"
Error! Do not use bookmarked URL. Please type the URL you are trying to reach directly into your browser.
"

which means that one has to first navigate to the website before having 1Password fill in the credentials (i.e. pressing the 1Password icon, typing the first few lettersof the website and then hitting enter will not work).

Answers / feedback to the above would be greatly appreciated.

Thanks,

Joel
 
Last edited:

AGKyle

macrumors 6502a
Jun 10, 2012
546
270
Bump with and update....

I know have 1Password fully setup with all / most of my websites and find that it generally works as advertised which means very well...I would appreciate some assistance / checking with the following instances / websites to make sure that the issues lies with the 1Password or the website and not me.

1. The website is http://forums.fourtitude.com/forumdisplay.php?870-TT-TTS-amp-TTRS-(Mk2-a5-chassis) . This is he one forum where that never indicates new posts (which is driving me nuts).

2. The website http://player.siriusxm.ca/#view=login as the username and password are never entered (i.e. nothing happens).

The same situation exists for http://www.ttforum.co.uk/forum/ucp.php?mode=login .

3. The website https://login.oracle.com/mysso/signon.jsp is an interesting one in that it does let one navigate to it via "bookmarked URLs". To be clear, adding the URL to 1Password results in the message

"
Error! Do not use bookmarked URL. Please type the URL you are trying to reach directly into your browser.
"

which means that one has to first navigate to the website before having 1Password fill in the credentials (i.e. pressing the 1Password icon, typing the first few lettersof the website and then hitting enter will not work).

Answers / feedback to the above would be greatly appreciated.

Thanks,

Joel

Hey Joel,

We got your email and I'll respond to that separately, but figured I'd put it here as well.

1. Any site that isn't behaving properly with regard to new posts really doesn't have anything to do with 1Password. We do absolutely nothing with this type of thing. All we do is fill in the username and password on the site if we're told to by the user.

So if you're having specific issues with new posts not being indicated as new posts it could be a "time" thing. It depends on how the site works. But if you "log out" at a particular time it may show new posts from that time forward. Logging out may not actually log you out, but instead remove the session cookie and therefore not be very accurate.

I'd suggest contacting the site's admin directly to see if they can assist.

Basically, this issue should persist whether you use 1Password or not. You can test it by logging in manually and testing without using 1Password at all. The same behavior should still exist.

2. Sirus uses Flash. We cannot fill into Flash because Flash does not use standard HTML. You'll need to copy and paste here.

2b. Goto that site and do the following:

* Open the site and visit the login page
* Type in your username and password
* Click the 1Password extension button
* Click the + button in the extension window
* Rename the Title field to something unique and identifiable
* Click Save

This works fine for me.

3. This one is really obnoxious. It's because you didn't get to that page via another page. Basically they detect that you didn't follow the proper flow of what they determine to be a proper login. Which is goto page a, then click button to goto page b, then you can log in. In your case you skipped page a, and therefore they tell you to go back and do it differently.

Nothing we can do to get around this since it's actually the website that enforces it.

So, looks like all I can do is fix 1 of the 4 things you were having trouble with, but you certainly seem to have found some problematic sites :)
 

JoelBC

macrumors 6502a
Original poster
Jun 16, 2012
923
61
Hey Joel,

We got your email and I'll respond to that separately, but figured I'd put it here as well.

1. Any site that isn't behaving properly with regard to new posts really doesn't have anything to do with 1Password. We do absolutely nothing with this type of thing. All we do is fill in the username and password on the site if we're told to by the user.

So if you're having specific issues with new posts not being indicated as new posts it could be a "time" thing. It depends on how the site works. But if you "log out" at a particular time it may show new posts from that time forward. Logging out may not actually log you out, but instead remove the session cookie and therefore not be very accurate.

I'd suggest contacting the site's admin directly to see if they can assist.

Basically, this issue should persist whether you use 1Password or not. You can test it by logging in manually and testing without using 1Password at all. The same behavior should still exist.

2. Sirus uses Flash. We cannot fill into Flash because Flash does not use standard HTML. You'll need to copy and paste here.

2b. Goto that site and do the following:

* Open the site and visit the login page
* Type in your username and password
* Click the 1Password extension button
* Click the + button in the extension window
* Rename the Title field to something unique and identifiable
* Click Save

This works fine for me.

3. This one is really obnoxious. It's because you didn't get to that page via another page. Basically they detect that you didn't follow the proper flow of what they determine to be a proper login. Which is goto page a, then click button to goto page b, then you can log in. In your case you skipped page a, and therefore they tell you to go back and do it differently.

Nothing we can do to get around this since it's actually the website that enforces it.

So, looks like all I can do is fix 1 of the 4 things you were having trouble with, but you certainly seem to have found some problematic sites :)

Hi Kyle:

Appreciate the response and, like many others here, thin your product is fantastic.

As far as next steps are concerned I am investigating item and will post back in the event that anyone else experiences a similar problem...the thing that is weird is that I am using the same process that I am using on other websites without any issues / problems.

As far as the discovery of problematic websites is concerned it points to the need for a more standard approach.

Once again, much thanks,

Joel
 

AGKyle

macrumors 6502a
Jun 10, 2012
546
270
Hi Kyle:

Appreciate the response and, like many others here, thin your product is fantastic.

As far as next steps are concerned I am investigating item and will post back in the event that anyone else experiences a similar problem...the thing that is weird is that I am using the same process that I am using on other websites without any issues / problems.

As far as the discovery of problematic websites is concerned it points to the need for a more standard approach.

Once again, much thanks,

Joel

Yup, let me know if you find anything else out. I'll dig deeper if needed.

As for discovery. It's not quite as easy as imagined. I'd go into more detail here but in order to explain I'd have to write a book. Writing a web browser extension that does what we do is really quite complex and there are a lot of gotchas involved. It seems straight forward, until you learn the ins and outs of how it all works and then factor in security which complicates things even more.

There may be some small improvements we can make, but with password change pages, we're at about the best we can do without assuming things we can't safely assume.
 

JoelBC

macrumors 6502a
Original poster
Jun 16, 2012
923
61
Yup, let me know if you find anything else out. I'll dig deeper if needed.

As for discovery. It's not quite as easy as imagined. I'd go into more detail here but in order to explain I'd have to write a book. Writing a web browser extension that does what we do is really quite complex and there are a lot of gotchas involved. It seems straight forward, until you learn the ins and outs of how it all works and then factor in security which complicates things even more.

There may be some small improvements we can make, but with password change pages, we're at about the best we can do without assuming things we can't safely assume.


Kyle:

Appreciate the response….

I have done some digging today and continue to be confused…I will post my results here -- rather than in an e-mail -- in order to share them with others…

It appears -- as you know far more about this than me -- that the new / unread posts are not appearing as a result of my logging out at the end of the forum session [which is the sensible thing to do to avoid others accessing your forum ID]…this conclusion is based on the following:

1. If I a) log onto the forum b) mark the forum messages read c) leave the forum without first logging off and d) then return to the forum the new / unread posts are clearly indicated.

2. If I a) log onto the forum b) mark the forum messages read c) leave the forum with first logging off and d) then return to the forum which necessitates logging on again the new / unread posts not indicated.

The part that confuses me is that when I log off of the offending forum I receive the following message:



Fortitude_zps2de7ea91.png




which is identical to the message I receive in the following three forums [including the Mac Rumors forum] which I frequent using the method outlined in 2 above:



Kaleidescape_zps5608ed89.png




MacRumors_zps43939778.png




SONOS_zpsfeecc70f.png




The only explanation / hypothesis I can come up with is that the first forum [the Fortitude forum] uses cookies in manner different from the other forums such that it appears not to be possible of both i) log out on exiting the forum [for security purposes] and ii) having new messages since the last visit marked as "unread ". The unfortunate conclusion is that for this forum I have to choose between convenience [i.e. not logging out] and ii) security [i.r. logging out].


With your deeper knowledge and understanding on how this work I would appreciate i) any and all comments or insights that you have on this and ii) where we go form here other than writing to Fortitude which I have already done.


With much thanks,


Joel
 

AGKyle

macrumors 6502a
Jun 10, 2012
546
270
Hey Joel,

I'm not entirely familiar with how these sites determine this type of thing. It's weird that it is working on some sites but not others. This may indicate a different configuration setup on the non-working site. But this is really just guesswork on my part.

Passwords are effectively a teeter totter with security on one side and convenience on the other.

Since this is a forum, and not a bank site or something with really valuable information on it. I'd say if you trust the computer you're using, then you should trust the remember me setting. This will make the real issue disappear or at least be hidden in a way that you don't have to deal with it.

You can still use a strong password, as 1Password will fill it when needed, but it is after all, just a forum. Again, if you trust the site then there's no real reason to jump through hoops.

I'd avoid this if it were a bank or similar type of service that you truly value. Of course, I don't really value social media type sites so with that in mind your value of the forum(s) may be higher than mine.

But that's the part where you teeter totter between the two (security and convenience).

I hope that helps!
 

JoelBC

macrumors 6502a
Original poster
Jun 16, 2012
923
61
Kyle:

Appreciate both the support and its timeliness...

I will -- for those interested -- follow up with the response from the one offending site in the event that I receive a response to the e-mail that I sent to them...

Thanks to all who have contributed and read this thread...


Joel
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.