
Unable to autofill challenge answers for HSBC

Open s-t-e-v-e-n-k opened this issue 5 months ago • 2 comments

Steps To Reproduce

To log into one of my banks' (HSBC) online portal, I am asked for an email and a password -- I have a Login entry set up, auto-fill works great. However, after submitting that form, I am challenged with entering three random digits of a 12 digit number (that I set when enrolling). If I hit auto-fill here, I get my usual password blatted into the three fields -- not ideal. Based on the HTML page, the three type="password" look like <input type="password" id="SecondFactorAuth_SecurityNumberPositions_0__Value" name="SecondFactorAuth.SecurityNumberPositions[0].Value" autocomplete="off" data-auto-focus="move-next" title="Position 2"> so I know which value they want, but I'm not certain if I can craft a custom field that will match on the title attribute. According to https://github.com/bitwarden/clients/issues/840 , I should be able to match on other attributes, but I'm at a loss here.

Expected Result

With correct custom fields set up, the correct value is determined and inserted.

Actual Result

My usual password is inserted into the 3 fields instead.

Screenshots or Videos

Screenshot 2024-02-25 152905

Additional Context

No response

Operating System

Windows, Linux

Operating System Version

11 or 22.04

Web Browser

Chrome, Firefox

Browser Version

Latest

Build Version

2024.2

Issue Tracking Info

  • [X] I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

s-t-e-v-e-n-k avatar Feb 25 '24 04:02 s-t-e-v-e-n-k

Hi @s-t-e-v-e-n-k,

Thank you for this report.

  1. Just to make sure that you and I are on the same page, could you please inspect the other two fields and show me screenshots of their ID attributes?
  2. Do you have a custom field set up in that vault item with a (Name) of "SecondFactorAuth_SecurityNumberPositions_0__Value" and did you set its (Value) to the PIN digit?
  3. Once you have such a custom field set up, does the Bitwarden browser extension enter the custom field when you perform Auto-Fill on that webpage or does it try to enter the Password into the PIN field?

Thank you in advance,

SergeantConfused avatar Feb 25 '24 12:02 SergeantConfused

  1. Certainly -- Screenshot 2024-02-26 094500 Screenshot 2024-02-26 094702
  2. Based on the first screenshot I sent, the first field of SecondFactorAuth_SecurityNumberPositions_0__Value in that instance is Position 1, however, as you can see in the other two screenshots, it's Position 4 -- this is why I haven't tried that explicitly, because it will auto-fill incorrect values.
  3. However, just to try it, creating a custom field as you suggested fills in the value, and not my password.

s-t-e-v-e-n-k avatar Feb 25 '24 22:02 s-t-e-v-e-n-k

Hi @s-t-e-v-e-n-k,

Thank you for those screenshots. Generally speaking, it might have been possible to create 10 custom fields, 1 for each digit, to perform Auto-Fill in this case had the webpage given each field a unique HTML id attribute associated with the digit's position within the entire number, and not from 0 to 2 depending on the input field's position within the webpage. In this case, it's not really possible to perform Auto-Fill because the extension cannot know which digit the webpage is asking for.

GitHub is used to track bugs and other development related matters, and thus this GitHub report will be closed at this stage. If you'd like to follow up on this matter, please feel free to create a Support ticket and please also include a link to this GitHub report in the body of your ticket.

Alternatively, you can seek assistance from other Bitwarden users in our Community Forums, if you wish.

Thank you again,

SergeantConfused avatar Feb 27 '24 11:02 SergeantConfused
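
The mismatch discussed in this thread, as an added JavaScript example (not Bitwarden code and not part of the original comments): a custom field keyed to the input `id` fills the same digit on every challenge, while the requested position appears only in the `title` attribute. The security number, the positions in the second and third slots, and all function names are constructed; matching a custom field Name to the input `id` is modelled on what the thread reports, and `fillByTitle` is a hypothetical approach, not an extension feature.

```javascript
// Constructed sample data modelled on the markup quoted in the issue.
// The id depends only on the input's slot on the page (0..2); the digit
// being requested is named only in the title attribute.
const idFor = (slot) => `SecondFactorAuth_SecurityNumberPositions_${slot}__Value`;
const challenge = (positions) =>
  positions.map((p, slot) => ({ id: idFor(slot), title: `Position ${p}` }));

const SECURITY_NUMBER = "480271936512"; // constructed 12-digit value

// Model of the workaround tried in the thread: custom fields whose Name is
// the input id, with values taken from one challenge (positions 1, 5, 9).
const customFields = {
  [idFor(0)]: SECURITY_NUMBER[0],
  [idFor(1)]: SECURITY_NUMBER[4],
  [idFor(2)]: SECURITY_NUMBER[8],
};

// Fill by id: the result cannot change when the site asks for other digits.
function fillById(inputs) {
  return inputs.map((input) => customFields[input.id] ?? null);
}

// Hypothetical alternative: read the 1-based position from the title and
// refuse to fill (null) when the title is missing, malformed or out of range.
function fillByTitle(inputs, secret) {
  return inputs.map((input) => {
    const match = /^Position (\d+)$/.exec(input.title ?? "");
    const pos = match ? Number(match[1]) : NaN;
    return pos >= 1 && pos <= secret.length ? secret[pos - 1] : null;
  });
}

// Two constructed challenges: slot 0 asks for Position 1, then Position 4.
const first = challenge([1, 5, 9]);
const second = challenge([4, 7, 12]);

console.log(fillById(first).join(""));                       // correct by coincidence
console.log(fillById(second).join(""));                      // same digits, now wrong
console.log(fillByTitle(second, SECURITY_NUMBER).join(""));  // digits 4, 7 and 12
```

Returning `null` instead of a best guess matters here: a wrong digit submitted to a bank's challenge form counts as a failed authentication attempt.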