Open Bug 1768362 Opened 3 years ago Updated 3 years ago

Passsword Manager prompts to update password after accepting new secure password

Categories

(Toolkit :: Password Manager, defect, P3)

Firefox 100
defect

Tracking

()

UNCONFIRMED

People

(Reporter: td47, Unassigned)

Details

Attachments

(1 file)

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0

Steps to reproduce:

Created a new account on site https://forums.slipstick.com/ accepting a secure auto generated password from password manager.

Actual results:

The new account password was used and saved, as shown by the blue key symbol, BUT when the creation was completed, I got a door-hanger prompt to ask to update the password (although it would be exactly the same).

Expected results:

The auto-generated password should have been seen as being already saved correctly, and NOT prompted to have it updated again.

I am not sure if this might be related to BUG 1765381 or a different issue. Looking again at the screen shot, and comparing that with the actual password manager entry for that site, I DID notice that the User ID td47 was missing, so if THAT is what the door-hanger promptr was trying to tell me was missing, then this might be an invalid bug. However, it would have been useful to know that was missing, rather than imply that the password itself was not correct in some way. Could that be made more obvious in this circumstance if that is the case?

I have seen this a few times before, on different sites, when new accounts are being set up, but this is the first time I have had the time to capture the issue and report it.

The Bugbug bot thinks this bug should belong to the 'Toolkit::Password Manager' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

Component: Untriaged → Password Manager
Product: Firefox → Toolkit

(In reply to Tony Davis from comment #1)

I am not sure if this might be related to BUG 1765381 or a different issue. Looking again at the screen shot, and comparing that with the actual password manager entry for that site, I DID notice that the User ID td47 was missing, so if THAT is what the door-hanger promptr was trying to tell me was missing, then this might be an invalid bug. However, it would have been useful to know that was missing, rather than imply that the password itself was not correct in some way. Could that be made more obvious in this circumstance if that is the case?

I have seen this a few times before, on different sites, when new accounts are being set up, but this is the first time I have had the time to capture the issue and report it.

Hi Tony,
This is expected behavior when using the "securely generated password". The flow looks like this:

  1. Users choose to use the securely generated password. The password manager then saves the generated password immediately to make sure we don't lose the password. The username is not yet saved at that point because we want to save it when users click the submission button to make sure the username saved is the right one.
  2. Users submit the form. Now the doorhanger captures the username and password in the form, notices that there is already a password saved for the site but now we also have the username. So it asks whether users want to "UPDATE" the username.

I agree the messaging of the doorhanger can be improved. I'll leave the bug open so the team can discuss how to improve the UX for this scenario.

Flags: needinfo?(ard1947)
Flags: needinfo?(ard1947)

The severity field is not set for this bug.
:sgalich, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(sgalich)
Severity: -- → S3
Flags: needinfo?(sgalich)
Priority: -- → P3
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: