coollabsio
[Bug]: Login screen one time password/recovery code fields break password manager
Description
When using a password manager such as 1password, logging on the user and password fields work as expected.
At the onetime password / recovery code screen using a password manager it incorrectly populates both fields with 3 characters instead of the auth code with 6.
Expected: The 1 time code should be populated in the correct field. All charactors.
Workaround You can simply copy and paste the 3 digits from recovery code into the end of 1TP
Documentation 1password provides docs on approriate approached of marking autocomplete="one-time-code" https://developer.1password.com/docs/web/compatible-website-design/ and the html and the html spec. https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#autofill
If not already, removing hints from recovery code may help or disabled until someone clicks use recovery codes etc..
Priority Low - There is a work around and login is infrequent.
thanks
Minimal Reproduction (if possible, example repository)
- Enable OTP
- log on
- At the OPT / Recovery code screen use password manager
Exception or Error
No response
Version
4.0.0-beta.248
I coincidentally stumbled upon this issue and was surprised, as 1password correctly auto-completes OTPs on my instance.
This seems to be fixed with the changes done in v4.0.0-beta.249 and 1pw now correctly fills in the whole OTP into the One-time code input field.
yes it now appears to have a different approach.. I was leaving it open for the maintainer.. assume they had seen and resolved
yes it now appears to have a different approach.. I was leaving it open for the maintainer.. assume they had seen and resolved
I have made a few modifications, and it looks like it is resolved now (it works for me as well with a different password manager).
Can you please confirm if it works after updating to the latest version?
