Skip to main content
Hi, folks,

 

My site records aren't always getting correctly stored when I generate a password and save it via the Passwords toolbar. So when I create or modify a site record, I log out of the site, close the window, then go to Passwords in the WSA console to inspect the site record, launch and test.

 

The hitch is that the console doesn't update after I create or update a site record. Every time I make a change via the toolbar, I have to kick the console in the head to get the site data to refresh. Because I haven't found a better way, I use the browser controls to refresh, and that means I have to reauthenticate. That is a pain if I have to do a string of tweaks to get a site record right.

 

How can I get the Passwords console page and toolbar to play together better?

 

Thanks,

 

LauraB

 

(edits: grammar and duplicate signatures)
Hi Laura! 

 

I am not quite sure on this one to be honest.. though I have something that might explain it.  Sometimes it can take the Console 15 minutes or so to synchronize with changes made on other things.  For example, if you install WSA on a 2nd device, it can take that 15 minutes or so before that new device will show up in the Console.

 

Is that type of delay possibly what is going on?
Hah! I'm ready for that question! :D

 

I updated my login credentials on an online shopping site this morning and saved them with the toolbar *after* I opened the Passwords in the web console. I waited until late this afternoon and went back to look at the console. That new site still doesn't appear, either in my Retail group or the default group.

 

So, I'm just now refreshing the console page. It does an auto login, asks me for my security code, and makes me authenticate when I click on Passwords. And Bingo, there's my new site under my Retail group.

 

So that was over four hours, and no update. I wouldn't mind the console not automatically updating, if there was I way I could get it to refresh without using the browser's refresh function, and having to log in all over again. That's so inefficient.
Hi Laura

 

Try running a scan with WSA (just in case your scheduled scan has not yet run).  Should not make a difference but give that WSA is fully cloud-based you never know...A long shot but sometimes that is all that it takes. ;) 

 

And keeps us posted on this one as it is something that both David & I have struggled with in the past and would dearly love to get to the bottom of if we can.

 

Many thanks in anticipation.

 

Regards

 

 

Baldrick
Hi, Baldrick,

 

Well, that's not something I anticipated being asked! But I doublechecked my logs, and the scan has been running as scheduled. I scanned again, and the manual scan showed up in the log just like the scheduled scans, so I trust that the scheduled scans actually happened as logged.

 

Can you point me to any topics where you and David discussed this before? I searched before I asked, but I got no relevant hits.

 

I wasn't even sure this was something that was expected to work. It sounds like you and David, at least, have the same disappointed expectation as me. Do you recall if this has ever been escalated to support?

 

Thanks!

 

Laura
!Hi Laura! My apologies for not replying: I was out to sleep shortly after my reply. I have a feeling a trouble ticket is in order... I am pretty sure I have not had the same problem, though I have not had a chance to follow you steps above to replicate. I plan to do so tonight when I get home. I hope you are having a good day
Hi Laura

 

Take a look at this previous thread; not quite what you are experiencing but it does relate to the Console not receiving data correctly from a client PC, and so may be of some assistance.  Also please note that it refers to the 2013 version rather than the current one so the screenshots are not accurate but I think that yo uwill get the gist of what was going on/suggested and can most probably translate this to the 2014 version.

 

See if anything in there helps...I will keep searching for additional pointers.

 

Regards

 

 

Baldrick
That's OK, David, even I sleep! :D

 

I will wait until you've had a chance to verify this doesn't work for you either. I am seeing a lot of glitches, so I'm suspicious I'm not using the product as it was intended. *Unless* it's not as robust in Chrome as it is in Firefox or IE. I was actually surprised to see that Chrome wasn't fully supported until recently, as it's been a real contender for years.

 

I've been debating whether to try working out of Firefox today. I live in Chrome. I don't think I can do it! :p

 

Have a good day, peeps.

 

Laura
Hi Laura

 

I actual run 4 different browsers, depending on what I want to do on the Web (but also becuse it is good to have the same apps as the users that one is trying to support/help, etc...;)).

 

I use IE11, FF27, Maxthon (not supported by WSA per se) and Chrome...on both Win7 64bit & Win8.1u1 32bit...and I am not having any issues what so ever with Chrome...in fact I think that probably IE11 is causing more issues (though not many in reality).

 

I shall have to do what David will be trying, i.e., to recreate your symptoms, etc.,

 

Regards

 

 

Baldrick
Yeah, Baldrick, that's similar in ways, but my particular case has the wrinkle that I can *force* the console to update by refreshing the browser window. I don't think my problem is a configuration issue like it was in that case, but I have combed through all the settings, just in case. I didn't see anything related to this, but I might not know where to look...
This is weird.  I have just been into the Console and deleted 3 sets of credentials (for minor sites that I rarely visit these days), exited, rebooted, and then logged into each site using chrome...and then checked the Console values for the latest password inserts...and they were all there and worked correctly when I tried to use them via the toolbar.

 

So, have to admit...I am flummoxed.  Will have to try this again in more controlled conditions over the weekend.

 

Are you running any other security-related app in conjunction with WSA (clutching at straws at the moment)?

 

Regards

 

 

 

Baldrick
Baldrick, I use Chrome, FF, IE, Opera and Safari because I need to make sure my stuff works everywhere. But I do almost all my production work in Chrome, because I've found it the most robust of them all.

 

I'm a former software engineer and I tend to push apps pretty hard, so I may be seeing some things other people haven't run into before on Chrome. I want to point out that my production machine is a bit old, too, but I'd be a bit surprised if that were the problem here. I keep it clean, and I don't have any ongoing trouble with other apps.

 

I will wait until either you or David has a chance to check out what I'm doing before proceeding.

 

Thanks a bunch,

 

Laura
Baldrick, the other day I exported Passwords and printed them, and noticed that every change I had made was recorded, including passwords I had replaced. I'll bet you anything your deleted records are still stored on your machine, but just not showing in the console anymore.

 

I noticed there was an option for restoring deleted passwords while I was reading the manual, so this behavior is in some way intentional. You could argue that while a site record is "deleted", its login credentials shouldn't be accessible via WSA.

 

(edits: typos)
I'm not running any other AV software. I do run Windows Firewall.

 

 

...It just occurred to me that other addons could be affecting performance. I use Hootlet and Pin It, and I see that Google Docs has an extension installed, although there's no toolbar associated with it in the browser.

 

If you guys observe different behavior than me, I will shut down all my other extensions (gasp!), and we'll see what happens.

 

(edits: additional thoughts)
Hi Laura

 

You may well be right about the deleted records...will have to check that out too...but just tried again on a completely new site I have never signed into before and the PM Toolbar worked fine, credentials stored correctly in Console with PM generated password (12 alpha slected), and it was correctly stored and was immediately usable having rebooted to clear everything out before trying to login with PM autofilling the credential details...and again...it worked fine.

 

So still flummoxed...and probably need to wait for David it to try it himself and see what result he gets.

 

Regards

 

 

 

Baldrick
Heck, it's looking like I'll have to write down exact steps to reproduce my problem for support. Let's double check that you did the same thing as me:

 

1) Open the WSA web console and log in

2) Click on Passwords and authenticate (leave the tab open)

3) Open another tab, navigate to a new website, create and store credentials via the WSA toolbar

4) Return to the already open WSA web console

5) Wait...

6) Confirm your new site is stored (without having to refresh the Passwords tab and reauthenticate)

 

Thanks, Baldrick.
Apologies, Laura, but I am not clear when you use the term 'authenticate'?  And am not clear why you are insisting on step 6.?  How is the web page going to show you a change, i.e., the addition of the new credentials without being refreshed?

 

I am obviously missing something important here and being a bit dumb.
Hi, Baldrick,

 

I set up two-factor authentication on my account. In order to access the Password Manager, I have to read a code from my mobile phone (from the Google Authenticate app), then type it into the Password Manager in my browser. That's why I'm fussing about this--it's really inconvenient to have to keep refreshing and reauthenticating to see new sites in the web console.

 

The reason I am looking for new sites in the web console is because when I generate passwords they're not always saved reliably via the toolbar addon. Sometimes the site is saved with an empty password field and sometimes it saves with the wrong password. Also, when I generate replacement passwords, sometimes the stie fails to update. So when I save or update a site, I need to inspect the record and make sure it has saved correctly. I also find I often need to tweak the URL the toolbar saves. I can't be sure I've got that right unless I logout of the site, close the tab, and then relaunch the site from the saved record in the console.

 

I hope that makes sense!

 

Laura
Well, thanks for explaining...I do not  use two-factor authentication...and am not having an issue, so I suspect that this is the issue...but lets wait to see what David's attempt at replication yield.

 

BTW, why the 2FA...is it really necessary?

 

Regards

 

 

 

Baldrick
AH!

 

Well, you are the first post here that I have seen that has set that up... I think most users are not even aware of it.

 

I have not yet set that up... due to no one else having used it or asked about it yet.  I will get that set up tonight if at all possible so I can have a better look at what is going on here.

 

Thanks  :)
2FA is highly recommended:

 

How Apple and Amazon Security Flaws Led to My Epic Hacking  

Here's Everywhere You Should Enable Two-Factor Authentication Right Now

 

 

I started using it because a client had it on their MailChimp account, and I very quickly got addicted to feeling secure. I would not use a Password Manager that didn't provide 2FA.

 

 

 
The 2FA in the Password Manager was actually added relatively recently.  It was just released in mid December, and so far I have not seen any official announcements regarding it.  Very few users have adopted it, so few that we really have not had any discussion regarding it yet.  As I said before, I think that a vast majority of users are not even aware of it :)

 

I will be looking into seeing if I can get it activated using my Android tablet... I do not currently have an Android phone available.

 

 :)
Interesting, David.  As I have a Windows Phone I have no option to make use of this and I suppose that I could try enabling it on my Windows tablet...but to be honest I do not see the point normally...but may give it a try just to try to get to the bottom of Laura's issue. ;)

 

Regards

 

 

Baldrick
David, will you try the steps I listed before you set up the 2FA? I am so curious whether the behavior changes after that.

 

 

Oh, great, guys, this just in from Jasper_the_Rasper: 

 

Heartbleed maliciously exploited to hack network with multifactor authentication

 

 

So long, secure feeling, it was nice knowing you. :(

 
David, if you don't typically have your tablet on and available when you're running your PC, you might not be very happy with 2FA. It's kind of a PITA. But despite the bad guys just winning a round, I still think it's a good idea. 
Sorry, LauraB, but my point entirely, especially since apparently 2FA is now passe and the in thing is 3FA.  Any bets on when 4FA will be de rigeur/flavour of the month.

 

Apologies, if I sound a little callous, just a bit long in the tooth and have been seeing this sort of ping pong going on for years.

 

Hopefully, David, can validate your issue and then it can be passed on to the Support Team for sorting.

 

Regards

 

 

Baldrick

Reply