wrong password saving prompt |
||
Issue descriptionThis is for an Google internal site. go/workday Only tried on Mac MBP, Version 55.0.2883.35 beta (64-bit) When I went to the site, there is a pop up asking me whether I want to use @google.com, or @chromium.org account. I chose former. After the page is loaded, I got the "Google Smart Lock" prompt to update password for https://account.google.com for @chromium.org.
,
Nov 24 2016
This is a tricky case: Password Manager doesn't save sync credentials, but what to do when there is no username on sync domain and we don't know whether current credentials sync or not. On https://codereview.chromium.org/2233833002/ it was implemented not to save password when the username is empty. But here we have already saved credentials, and Password Manager treats this form as a login form, but since the password is not equal to save the password, it proposes to update them. I think that the best solution for now is 1. Not to propose updating credentials on sync domain, when submitted form has only 1 password field. Such form is unlikely to be change password, so it would break update password on change password forms. Another option is 2.to try to play around smart update bubble, for example if the user 3 times rejected update bubble, then not to show update bubble for this form.
,
Nov 26 2016
I don't think option 2 is right as it offers to save the WRONG information. This will use not trusting us in the future.
,
Dec 2 2016
I agree that option 1 (not to show update bubble) is better for sync passwords. We discussed it in the team and decided that it should be implemented and I'm going to do it. But unfortunately Password Manager can't be sure for 100% whether information that it proposes is correct. Earlier Password Manager was updating password automatically, and then we introduced asking users (it's better then to update password automatically incorrectly).
,
Dec 28 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/68324d6be5b713650770ac5ff8a732eda4146916 commit 68324d6be5b713650770ac5ff8a732eda4146916 Author: dvadym <dvadym@chromium.org> Date: Wed Dec 28 11:54:56 2016 Do not show the update bubble for sync credentials when a username is unknown. This CL introduced a checking of |provisionally_saved_credentials| for sync credentials, instead of |pending_credentials|. That's more correct, since |provisionally_saved_credentials| is the submitted form, on other hand |pending_credentials| is a combination of already saved and submitted form. In case of saving both these forms are the same, but for updating they are different. BUG= 663896 Review-Url: https://codereview.chromium.org/2604783002 Cr-Commit-Position: refs/heads/master@{#440844} [modify] https://crrev.com/68324d6be5b713650770ac5ff8a732eda4146916/components/password_manager/core/browser/password_form_manager.cc [modify] https://crrev.com/68324d6be5b713650770ac5ff8a732eda4146916/components/password_manager/core/browser/password_form_manager.h [modify] https://crrev.com/68324d6be5b713650770ac5ff8a732eda4146916/components/password_manager/core/browser/password_manager.cc [modify] https://crrev.com/68324d6be5b713650770ac5ff8a732eda4146916/components/password_manager/core/browser/password_manager_unittest.cc
,
Mar 1 2017
|
||
►
Sign in to add a comment |
||
Comment 1 by battre@chromium.org
, Nov 10 2016Status: Assigned (was: Available)