1166440 - duplicate username entries in the password manager when using runescape.com

Status: NEW

(Toolkit :: Password Manager: Site Compatibility, defect, P3)

Description

[Kamil Jozwiak [:kjozwiak]]

Thanks to Nicholas for pointing out this in bug # 1165568 and his One and Done feedback!! I decided to create a new bug relating to the multiple entries as bug # 1165568 describes an SSL issue which I haven't managed to reproduce yet.

When you're logging into the runescape.com website, you can get into a situation where you can have three duplicate usernames for the same domain in the password manager. If someone decides to change their password, only one of the entries are updated. This could confuse users when they try logging in and end up getting an error indicating the password was incorrect. As far as the user is concerned, they've already updated their password.

STR:

- visit http://runescape.com and select "Sign in / Join" at the top right corner (save an entry into the password manager)
- visit http://www.runescape.com and select "Sign in / Join" at the top right corner (save an entry into the password manager)
- visit https://secure.runescape.com and select "Sign in / Join" at the top right corner (save an entry into the password manager)

You'll end up with three different entries as shown in the image I've attached. Changing the password would only update one of those entries.

Comment 1

[Kamil Jozwiak [:kjozwiak]]

Attachment: multipleAccounts.png

Comment 2

[Matthew N. [:MattN]]

This depends on bug 1120684.