New issue
Advanced search Search tips

Issue 612693 link

Starred by 2 users
Status: Fixed
Owner:
dvadym@chromium.org
Closed: Mar 2017
Cc:
dvadym@chromium.org
kolos@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 3
Type: Bug



Sign in to add a comment

Password generation on a sign-in page on wellsfargo mortgage

Project Member Reported by hwi@chromium.org, May 18 2016 
Both on 50.0.2661.102 on 52.0.2739.0
OSX

1) Go to:  https://icomplete.wellsfargo.com/oas/status/auth
2) Select the first radio button "Sign on with my Online Banking username and password."
3) Focus/click on the password field. 
4) The password generation UI is shown, which seems a bug

Thanks in advance for looking into it.

Comment 1 Deleted

Comment 2 by vabr@chromium.org, May 24 2016

Cc: kolos@chromium.org dvadym@chromium.org
Thanks for the report.

This is likely due to having two different sign-up forms (one accessible through https://icomplete.wellsfargo.com/oas/status/auth, the other one directly on https://www.wellsfargo.com/). Our system likely sees people input passwords on the first one for the first time, and then using the filled password on the second one, which leads it to believe that the first one is a sign-up form.

dvadym@ -- should we manually disable generation on the two wellsfargo forms (signatures below)? Or are we making changes which will fix this before launching?

kolos@ -- would this be fixed by your local classifier? Note that the site unfortunately bundles two forms into one on https://icomplete.wellsfargo.com/oas/status/auth, which makes it look more like a sign-up page.



Attached password form signatures from the internals page:

The form seen on https://icomplete.wellsfargo.com/oas/status/auth:
Adding manager for form with this signature: {
Signature of form, followed by field signatures : 17896050528949198078 ,
accessphrase : 941876204 ,
authtype : 3416698706 ,
birthday : 372434406 ,
birthmonth : 119361177 ,
birthyear : 870884492 ,
j_password : 1796512061 ,
j_username : 94183295 ,
lastfourssn : 1122137852 ,
lastname : 4163345999 
}

The form seen on https://www.wellsfargo.com/:
Adding manager for form with this signature: {
Signature of form, followed by field signatures : 5026471850858911596 ,
destination : 1062842186 ,
j_password : 1796512061 ,
j_username : 94183295 ,
saveusername : 2877219596 
}

Comment 3 by dvadym@chromium.org, May 24 2016

Owner: dvadym@chromium.org
Status: Assigned (was: Untriaged)
Thanks for the report. Yeah, Vaclav is right, our current classifier fails on it by reason he wrote. It's nice false positive example for future classifier, I've added it to our dataset. It will be fixed automatically before generation launch by training new classifier.
I set me as owner of this CL in order not to forget to check it when new classifier will be implemented.

Comment 4 by bettes@chromium.org, Jun 14 2016 

I reported the wellsfargo issue, and I believe the wellsfargo has been fixed as I haven't seen it in a while, but the same thing is happening for americanexpress.com now. See video
Screen Shot 2016-06-13 at 8.36.54 PM.png
239 KB View Download
autofill.mov
1.7 MB Download

Comment 5 by vabr@chromium.org, Jun 14 2016

Cc: -vabr@chromium.org
(Removing vabr from Cc because dvadym owns this already.)

Comment 6 by kolos@chromium.org, Mar 9 2017

Status: Fixed (was: Assigned)
re-tested.

Sign in to add a comment