This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.
Why 1Password fails at long Bank of America passwords on Chrome (it ignores maxlength)
<div class="IPBDescription">1Password should respect the maxlength field</div>If you have a Bank of America password in excess of 20 characters, 1Password will fail to log you in via Chrome (and possibly other browsers), even if you follow the advice on http://help.agile.ws/1Password/multi_step_logins.html and create a "multi step" login. However a manual copy/paste of your password will still work.
After investigating, I determined that 1Password is not respecting the "maxlength" field in the Bank of America password input, which looks like this:
[code]<input type="password" name="passcode" id="passcode" class="resize-text1" value="" maxlength="20" size="28" onkeydown=" return keyPress(event)">[/code]
As you can see, the site is restricting the passwords to 20 characters via HTML constraints. This is an important restriction because 1> BofA will gladly let you set a password longer than 20 characters and 2> BofA is apparently doing no password trimming server side.
When you /paste/ your password into the form, it gets trimmed to 20 characters. However when 1Password automatically enters it into the form via the Chrome extension, it apparently bypasses this restriction and enters the full overlong password.
The workaround is to set a BofA password less than or equal to 20 characters. However 1Password should identify and respect the maxlength attribute when filling out forms to prevent issues like this on other sites, and the resulting whack-a-mole workarounds that will be necessary.
I thought I should post this in the discussion form in case anyone else has mysterious issues with BofA.
After investigating, I determined that 1Password is not respecting the "maxlength" field in the Bank of America password input, which looks like this:
[code]<input type="password" name="passcode" id="passcode" class="resize-text1" value="" maxlength="20" size="28" onkeydown=" return keyPress(event)">[/code]
As you can see, the site is restricting the passwords to 20 characters via HTML constraints. This is an important restriction because 1> BofA will gladly let you set a password longer than 20 characters and 2> BofA is apparently doing no password trimming server side.
When you /paste/ your password into the form, it gets trimmed to 20 characters. However when 1Password automatically enters it into the form via the Chrome extension, it apparently bypasses this restriction and enters the full overlong password.
The workaround is to set a BofA password less than or equal to 20 characters. However 1Password should identify and respect the maxlength attribute when filling out forms to prevent issues like this on other sites, and the resulting whack-a-mole workarounds that will be necessary.
I thought I should post this in the discussion form in case anyone else has mysterious issues with BofA.
Flag
0