Forum Discussion

Former Member's avatar
Former Member
2 years ago

1Password dropdown masks macOS autofill for SMS verification codes

Many websites and services require verification with a code sent by text message. macOS has a nice feature that offers to auto-fill the code from the Messages app. Normally, it appears as a drop-down in the "Verification Code" field, and you type the Tab key to select it and autofill. That way you never have to try to memorize the 6-digit code and type it in.
1Password, however, sees the "Verification Code" field and tries to offer auto-completions. Of course these are one-time codes, so you would never want to store them in any password vault. Pressing the Esc key to remove 1Password's unhelpful auto-fill offerings also removes macOS's useful auto-fill offering.
I'd like a way to dial down 1Password's eagerness in offering auto-fill. My preference would be username and password only, unless I add a special field for that particular account. Never offer to auto-fill a Verification Code. Sometimes I might want credit card autofill and sometimes now.
Is there a way to do this already?

1Password Version: 8.10.23
Extension Version: Not Provided
OS Version: macOS 14.2.1
Browser: all

browser extension

8 Replies

Sort By
  • Tangible409's avatar
    Tangible409
    Occasional Contributor
    19 days ago

    Thanks, Dave, but for me getting this specific page fixed would not be a good use of your developers’ time. I chose it as an arbitrary illustration, not because that site is especially important to me. 

    I see this situation on many different pages, so if it’s going to be fixed, a one-off approach would be impractical. What’s needed, in my opinion, is the ability for 1P to determine from context or from the site’s coding what kind of entry is being asked for. Since any human could tell at a glance that it’s not a prompt for a user id or password, it doesn’t seem insurmountable for that to happen in software.

    Even better though, Apple itself usually  “knows” what kind of field it is, as we know because it waits for incoming texts and fills in the confirm codes automatically. Developers can enable this functionality following instructions at an Apple Developer site called “Enabling AutoFill for domain-bound SMS codes”
    (Your system wouldn’t let me post the actual link because some tags there made it uncomfortable.)

    So, it shouldn’t be hard for 1P to recognize the situation and get out of the way. 

    • 1P_Dave's avatar
      1P_Dave
      Icon for Moderator rankModerator
      19 days ago

      Tangible409 

      Thanks for the reply. 1Password has a filling brain that it uses to identify whether a field should be filled or not. It looks like you're running into a few different cases where the filling brain is identifying a field as something that 1Password can fill when it shouldn't be. 

      If you can send in the page structure of one of the instances where you're running into this issue then our development team can see what went wrong and improve the filling brain for that specific website and for other sites where the filling brain is misidentifying fields in a similar way. 

      -Dave

  • Tangible409's avatar
    Tangible409
    Occasional Contributor
    19 days ago

    https://www.dropbox.com/scl/fi/wzb3663ecw7pqp9nom4nq/Screenshot.jpeg?rlkey=mkx0ikzp0crvdsmh0ctfzjd7c&st=ri2cjss4&dl=0

    Here’s a screenshot to illustrate the problem. 1P is showing this bubble offering to fill in the field, even though the field clearly needs to be filled from an SMS message that 1P has no access to. The bubble sometimes obscures important information or controls  

    I don’t want to turn off this functionality, which is useful for user ids and passwords; I just want it to appear only when it has something to offer. 

     

    • 1P_Dave's avatar
      1P_Dave
      Icon for Moderator rankModerator
      19 days ago

      Tangible409 

      Thank you for sharing the screenshot. You can dismiss the 1Password prompt by clicking on the 1Password icon in the confirmation code field on the website: 

      That being said, our developers can update 1Password so that it no longer offers suggestions on that page. So that we can get this fixed, could you please send the page structure of the webpage in question to our support team? Follow these steps:

      1. Open the website in question until you can see the confirmation code field that you're referring to.
      2. Right-click on the page and click "1Password - Password Manager" > Help > Collect Page Structure.


      Attach the resulting JSON file to an email message addressed to support@1password.com

      With your email please include:

      • A link to this thread: https://www.1password.community/discussions/1password/1password-dropdown-masks-macos-autofill-for-sms-verification-codes/78501
      • Your forum username: Tangible409
      • A link to the affected webpage.
      • Please do not post the file here on the forum. 


      You should receive an automated reply from our BitBot assistant with a Support ID number. Please post that number here. Thanks very much!

      -Dave

  • Tangible409's avatar
    Tangible409
    Occasional Contributor
    28 days ago

    I found this old thread on a search. I have this problem both on the Mac and the iPad. 1P_Tommy’s solution from two years ago would kill off the very helpful feature entirely. I DO want to see these offers for Userid and Password fields, but I don’t want to see them for one-time codes from SMS or authenticator apps. 

    Any help?

    • 1P_Tommy's avatar
      1P_Tommy
      Icon for Moderator rankModerator
      28 days ago

      I'm not sure I understand. The solution I provided would allow the 2FA code to be shown by macOS. It's what I personally use so I can see the code when it arrives. Can you perhaps elaborate on your needs. The setting change is for inside the 1Password for Safari extension. It would not apply to macOS.

      • Tangible409's avatar
        Tangible409
        Occasional Contributor
        28 days ago

        Sorry for the confusion. Here’s the situation:

        Im in Safari, with the cursor on a user id or password field. 1PW shows me a bubble near that field offering to fill it in. This is good.

        To finish the login the website asks me to supply a one-time code sent to my phone, or from an app such as Google Authenticator. 1PW incorrectly offers to fill in the password, The bubble now often obscures the field where I’m supposed to type it. 

        I want 1PW to understand that these 2FA responses are not something it can or should offer to help with. However, I don’t  want to lose the valuable functionality for user ids and passwords. 

  • 1P_Tommy's avatar
    1P_Tommy
    Icon for Moderator rankModerator
    2 years ago

    @TimDiller

    You could try turning off the option within 1Password for Safari to automatically Show autofill suggestions when a form field is in focus.

    1. Right-click 1Password for Safari
    2. Settings
    3. Autofill

    Then any time you want to see 1Password you'll need to click the inline menu button.