Closed Bug 456904 Opened 11 years ago Closed 2 months ago

Add affordance for a user to manually add login credentials in Saved Passwords

Categories

(Toolkit :: Password Manager, defect, P2)

defect
Points:
5

Tracking

()

RESOLVED DUPLICATE of bug 1549801
Tracking Status
firefox56 --- fix-optional
firefox57 --- fix-optional
firefox58 --- wontfix
firefox59 --- ?
firefox69 --- disabled
firefox70 --- fixed
firefox71 --- fixed

People

(Reporter: filhodapuc, Unassigned)

References

()

Details

(Whiteboard: [passwords:management] [passwords:capture-UI])

User Story

So that I can have more control over the password that I save, as a Firefox user, I want to be able to easily create a new saved login.

Attachments

(2 files)

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.2) Gecko/2008091620 Firefox/3.0.2
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.2) Gecko/2008091620 Firefox/3.0.2

Firefox is not able to save the password for some websites which redirects the user after signing in.

To fix this situation either simply adds an "Add" button in Saved Passwords to store new password or fix the issue.

I don't have the url in which firefox could not save the password. As soon as i have, i can post in here.

Thank u

PS: IT HAPPENS ONLY WHEN THE WEBSITE REDIRECTS YOU RIGHT AFTER YOU SIGN IN.



Reproducible: Always

Steps to Reproduce:
1. Go to a website which redirects you to another page right after sinning in
2. Sign Up
3. Firefox will prompt for store the password.
4. Clicking Save won't have any result.
5. Check the Saved Passwords list, this website is not gonna be there.
I suspect the correct way to fix this is just to make the password manager handle redirects correctly. See also bug 264201 and bug 409922 when editing passwords in the UI is considered a WONTFIX.
Component: Preferences → Password Manager
Product: Firefox → Toolkit
QA Contact: preferences → password.manager
Version: unspecified → 1.9.0 Branch
Yeah, an "add login" is WONTFIX. You'd have to provide the form submit URL and field names, which is terrible UI.

OTOH, site redirects should be handled, so if you can find a site to reproduce your original problem on please file that as a new bug. The notification bar for saving a login will go away when the the location changes, but only if that happens after a delay (10 seconds, iirc). This was a tradeoff to allow redirects when need (eg, logins to gmail.com), while still removing the bar when the user clicks a link or somesuch.
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Resolution: --- → WONTFIX
Yahoo logins are not saved due to the site setting autocomplete="off" on the form. You can use a bookmarklet to clear the attribute and allow saving the login:

https://www.squarefree.com/bookmarklets/forms.html#remember_password
Thank you!

I will try to find the website which redirects you. and post a new ticket as you said.
(In reply to Justin Dolske [:Dolske] from comment #2)
> You'd have to provide the form submit URL and field names, which is terrible UI.

I think we're going to revisit the need for the form submit URL in the near future.
Status: RESOLVED → REOPENED
Ever confirmed: true
Resolution: WONTFIX → ---
Summary: New feature: "Add" button to store a new pasword in Saved Passwords → Add button to store a new password in Saved Passwords
Version: 1.9.0 Branch → unspecified
Summary: Add button to store a new password in Saved Passwords → Add affordance for a user to manually add login credentials in Saved Passwords
See Also: → 1001765
Blocks: 376668, passwords-2015
No longer blocks: passwords-2015-Q1
Blocks: 1127075
See the New Login tab of the LucidChart document.
User Story: (updated)
Whiteboard: UI-improvement
I think we can store a wildcard formSubmitURL but how should we handle the HTTP Auth Realm. Currently the realm is displayed in the same column as the form origin but in brackets. I'm not sure it's worth moving it to its own column since it adds complexity but what if a user wants to manually add an HTTP auth credential? I believe a login can currently either be for forms or HTTP auth but not both.
Status: REOPENED → NEW
Points: --- → 5
Flags: qe-verify+
Flags: firefox-backlog+
Whiteboard: UI-improvement → pwmgr42
Iteration: --- → 42.2 - Jul 27
Iteration: 42.2 - Jul 27 → 42.3 - Aug 10
Iteration: 42.3 - Aug 10 → ---
Pre-landing strings so we can do this in 42 with the rest of the editability that already landed.
Keywords: leave-open
Attached patch add.patchSplinter Review
not finished yet  patch
This is the patch I start working on before moving to migration because it have greater priority.
Depends on: 1257078
Keywords: leave-open
Priority: -- → P2
Whiteboard: pwmgr42
Whiteboard: [passwords:management]
[Tracking Requested - why for this release]: Would be a nice feature to have and by the number of duplicates it is a sought after feature plus it has a work in progress patch.
While I also very much wish this was implemented, there's no reason for this to be tracked for 57.
I was looking for this feature too, because I thought that I could manage other logins which aren't related to the internet and web sites in Firefox, so that I don't need another application to manage them.
I understand that this bug report deals almost entirely with actual "login form recognition" problems.

But wouldn't it be acceptable to simply provide and "Add" and "Edit" button in the Password Manager dialog, in addition?

This would make all those users happy that lost one of their favorite extensions with Quantum: the Saved Password Editor. https://addons.mozilla.org/en-US/firefox/addon/saved-password-editor/
Attached image fill-login-current.png
When a password field is present on a page, the contextual menu has a Fill Login section that allows user to fill in existing saved logins (if there are any) and View Saved Logins. See attached.

I imagine that this section could be reworked to support manually saving credentials in advance of submitting the form.

Imagine the context menu with something like:

> Select All
> ----------------
> Saved Logins
>
>> Save This Login
>> ----------------
>> user1@example.com
>> user2@example.com
>> ----------------
>> View Saved Logins
>
> ----------------
> Inspect Element

There would be more to it then this, as you you disable Save This Login when the form is blank, or filled with an existing credential, but this would be a start.

I understand that the Lockbox team will be working on core password features of the browser. Ryan Gaddis, any thoughts on this?
Flags: needinfo?(rgaddis)
We're currently exploring a rework of the Saved Logins that would include the ability to add new logins manually, within an improved Management-style interface. From there, we'd consider additional secondary measures (such as context menus) to help provide additional means for saving. 

Additionally, we're considering a Saved Logins doorhanger that would allow easier access to logins and management. 

We're preparing for a Shield experiment that would help test some of our approaches in the browser soon. I'll provide additional info here once we move forward.
Flags: needinfo?(rgaddis)
Duplicate of this bug: 1491266
Maybe first just implement an "Add" button in the Saved Logins for manual creation/editing
as soon as possible? Because currently there doesn't exist any sane way to save a password
for sites, on which the login forms aren't automatically detected. 

This would not be the perfect solution, but right now the users have to resort to copy-pasting
passwords from text files or third-party apps like KeePass, which is even further from ideal.
(In reply to pavel.lutskov from comment #27)
> Maybe first just implement an "Add" button in the Saved Logins for manual
> creation/editing
> as soon as possible? Because currently there doesn't exist any sane way to
> save a password
> for sites, on which the login forms aren't automatically detected. 
> 
> This would not be the perfect solution, but right now the users have to
> resort to copy-pasting
> passwords from text files or third-party apps like KeePass, which is even
> further from ideal.

Hey Pavel,

Thanks for the comment; unfortunately, a seemingly simple fix (adding a button for manual entry) is more complicated than it would seem, due to the underlying code that powers saved logins... but we're going to be instituting a way in which there will be a better saved logins experience starting in early 2019, including a completely revamped UI and better management capabilities (including adding entries manually)

Stay tuned!

(In reply to rgaddis from comment #29)

(In reply to pavel.lutskov from comment #27)

Maybe first just implement an "Add" button in the Saved Logins for manual
creation/editing
as soon as possible? Because currently there doesn't exist any sane way to
save a password
for sites, on which the login forms aren't automatically detected.

This would not be the perfect solution, but right now the users have to
resort to copy-pasting
passwords from text files or third-party apps like KeePass, which is even
further from ideal.

Hey Pavel,

Thanks for the comment; unfortunately, a seemingly simple fix (adding a
button for manual entry) is more complicated than it would seem, due to the
underlying code that powers saved logins...

This isn't true, it's actually quite straight-forward but the password manager just wasn't prioritized for many years unfortunately.

Severity: minor → normal
Whiteboard: [passwords:management] → [passwords:management] [passwords:capture-UI]
Status: NEW → RESOLVED
Closed: 11 years ago2 months ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1549801
You need to log in before you can comment on or make changes to this bug.