You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When I try to login to a site which requires a username and password on the first page, and then am brought to a second page which asks for a SMS token to be entered (in an input field of type password), I am unable to successfully enter the SMS token. When the cursor is moved out of the 2FA token field, immediately the password stored in keepassxc is auto-filled. There does not seem to be a way of preventing this. In order to login to the site, I had to revert back to the old chromeIPass extension.
Expected Behavior
If I have entered text into a password field manually, I would expect the extension not to wipe out what I entered.
Current Behavior
The 2FA token is always wiped (apparently replaced by the site's stored password) when moving the cursor outside of the input field.
Possible Solution
Either don't autofill password fields where a user has already inputted text, or provide some other workaround to allow logging into a site such as this.
Steps to Reproduce (for bugs)
Go to site which requires username and password on the first login page.
Click on username field and select login from drop down.
Click sign in button.
On next page where 2FA token is requested in a password field, type in 2FA token manually or copy and paste from external 2FA token application.
Watch the contents of the password field change length.
I made a little fix to this. There's only one drawback to it: if there's only the password field visible and user wants to revert using the credential password after the input already has content, the value must be cleared before autocomplete menu appears.
When I try to login to a site which requires a username and password on the first page, and then am brought to a second page which asks for a SMS token to be entered (in an input field of type password), I am unable to successfully enter the SMS token. When the cursor is moved out of the 2FA token field, immediately the password stored in keepassxc is auto-filled. There does not seem to be a way of preventing this. In order to login to the site, I had to revert back to the old chromeIPass extension.
Expected Behavior
If I have entered text into a password field manually, I would expect the extension not to wipe out what I entered.
Current Behavior
The 2FA token is always wiped (apparently replaced by the site's stored password) when moving the cursor outside of the input field.
Possible Solution
Either don't autofill password fields where a user has already inputted text, or provide some other workaround to allow logging into a site such as this.
Steps to Reproduce (for bugs)
Debug info
This is the html input field for the 2FA token:
General Info
KeePassXC fork - KeePassXC version: 2.3.0
keepassxc-browser - KeePassXC-Browser Version: 1.0.0
Operating system: Ubuntu 17.04
Browser: Google chrome beta: Version 65.0.3325.106 (Official Build) beta (64-bit)
Proxy used: YES
The text was updated successfully, but these errors were encountered: