Make login screen accessible for keepass/ChromeIPass

(Christoph) #1

KeePass is a (if not the) open source password manager. To make it fill in login credentials on websites, ChromeIPass is probably the most commonly used Chrome-plugin. It even catches most AJAX login screens. Unfortunately, it doesn’t work with the Discourse login screen.

I am not sure what Discourse does differently than most AJAX generated login screens, but it would be great if it could be tweaked so that it works with ChromeIPass…

(Jeff Atwood) #2

Works fine with the built in browser login support, @techapj can you check current version against Safari, Firefox, Chrome just to be sure?

(Christoph) #3

I know, but relying on your browser as your password manager is not advisable. But leaving the security/privacy debate aside, I just thought that since ChromeIPass works on most other logins, it can’t be too difficult to tweak Discourse to work with it too…

(Jeff Atwood) #4

Our priority is to support the browser’s built in support. The third party tools should follow the same logic paths as the browsers. If they don’t, that is a fault of the tool.

(Gerhard Schlager) #5

It’s a known limitation of ChromelPass, but there’s a simple workaround.

7.2 Auto detection of input fields

7.2.1 Problem

The detection does only detect fields which are visible when this function is called.

It is only one time called automatically: After loading of the page finished.

New input fields which are created with JavaScript or with an AJAX-call cannot be detected, because they get visible after the auto detection was called.

For example an overlay for signin or signup could possibly not auto detected by chromeIPass because either the input fields are created just-in-time or they are hidden to the user while auto detection is running.

7.2.2 Solution

When it did not detect any username + password field combination you can click on the browser icon of chromeIPass and press the button “Redetect credential fields”.

You can also focus the visible username field or password field and press Ctrl+Shift+U. This will start a redetection for the focused field, too.

(Christoph) #6

Very useful information! But what I don’t understand then, is: why does it nevertheless work on most of those login pages that create a screen overlay for login (using AJAX, I assume)?

(Gerhard Schlager) #7

It’s possible that those sites just hide the input fields until they are needed. This allows ChromelPass to detect them when the page loads. AFAIK, Discourse creates the login form only when it’s needed.

(Jeff Atwood) #8

No, there is a hidden login form in the HTML to trigger browser auto fill. Take a look.

(ljpp) #9

Sorry OT:

LastPass works 98% of the times (Chrome), but for a reason unknown occasionally fails to fill the fields.

(Christoph) #10

That gives me the idea that discourse could provide another way to mark posts: mark as OT. LOL

(Arpit Jalan) #11

Verified on my MacBook that latest version of Safari, Firefox and Chrome offers to save password.

(Jeff Atwood) #12