+Ripdubski Posted August 19, 2014 Share Posted August 19, 2014 The popup window asking for login is no longer secure, at least according to 1Password. For the past couple of weeks I've been getting a warning that the login is not https. Any ideas? Quote Link to comment Share on other sites More sharing options...
Albert Posted August 19, 2014 Share Posted August 19, 2014 That's odd, as I also use 1Password (on the Mac) and I'm not getting a warning on the popup (just tested it). The login should indeed be https, although other elements on the page are not loaded through https. But the form submission is, which is the important part. What browser are you using? ..Al Quote Link to comment Share on other sites More sharing options...
+Ripdubski Posted August 19, 2014 Author Share Posted August 19, 2014 (edited) Safari 7.0.6, OS X 10.9.4, 1Password 4.4.1, 1Password Extension 4.2.4.. The extension is not showing any updates. If I use the document inspector it shows the page as http. It will revert to http after initially setting https - I get the https lock, then it goes away. The warning I get, per AgileBits, means the password was saved as https, but is being filled on an http form. Error: 1Password warning: This page is not protected. Any information you submit can potentially be seen by others. This login was originally saved on a secure page. Do you still wish to fill this login? FWIW, I get this from both 1Password extension (browser) and from 1Password Mini (OS toolbar). When I hover the AtariAge Signon link it shows https. But when the form pops up it reports http://atariage.com Edited August 19, 2014 by Ripdubski Quote Link to comment Share on other sites More sharing options...
Albert Posted August 19, 2014 Share Posted August 19, 2014 Safari 7.0.6, OS X 10.9.4, 1Password 4.4.1, 1Password Extension 4.2.4.. The extension is not showing any updates. If I use the document inspector it shows the page as http. It will revert to http after initially setting https - I get the https lock, then it goes away. The warning I get, per AgileBits, means the password was saved as https, but is being filled on an http form. The reason this is happening is because the registration page is actually loaded with https, but the normal login popup is displayed on an http page. However, the login form is submitted using https. This is pretty common. Nothing has changed on AtariAge recently as far as this goes, so this might be a change to the 1Password extension. Not sure if 1Password has a way to ignore that warning on a specific page. ..Al Quote Link to comment Share on other sites More sharing options...
+Ripdubski Posted August 19, 2014 Author Share Posted August 19, 2014 (edited) It doesn't. This is a new "feature" of 1Password as well and a lot of people are complaining about it. But in reality it is trying to protect you. I'll remove the password and resave it to see how it stores it. Update: After removing the password, and logging in again to save it new. The URL shows: http://atariage.com/forums/ Edited August 19, 2014 by Ripdubski Quote Link to comment Share on other sites More sharing options...
Albert Posted August 19, 2014 Share Posted August 19, 2014 It doesn't. This is a new "feature" of 1Password as well and a lot of people are complaining about it. But in reality it is trying to protect you. I'll remove the password and resave it to see how it stores it. Yeah, I've seen it as well on some sites, although not here. I can understand why they are doing it, but they need to add an, "Ignore on this website" checkbox when they pop this warning up. ..Al Quote Link to comment Share on other sites More sharing options...
+Ripdubski Posted August 19, 2014 Author Share Posted August 19, 2014 After re-saving I no longer get the warning. But I'm not convinced it's https anymore since it was originally saved with https. Quote Link to comment Share on other sites More sharing options...
Albert Posted August 19, 2014 Share Posted August 19, 2014 After re-saving I no longer get the warning. But I'm not convinced it's https anymore since it was originally saved with https. The popup login form uses https to submit your username and password to the server. if you sign out, pull up the login form and then view the page source, you'll see this: ..Al Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.
× Pasted as rich text. Paste as plain text instead
Only 75 emoji are allowed.
× Your link has been automatically embedded. Display as a link instead
× Your previous content has been restored. Clear editor
× You cannot paste images directly. Upload or insert images from URL.