Locked Out Of WordPress By A 1Password Feature

As I had mentioned in my previous post, I had been locked out of my new WordPress instance earlier today.  After a little digging, it turns out that it was related to a 1Password feature.  I do love 1Password and I couldn’t imagine juggling several hundred passwords and associated URLs without it or something very much like it.  I have installed the browser plugin which allows me to fill in usernames and passwords automatically when prompted for them. Unfortunately, I was bitten by this autofill feature today.

Part of the main control panel for setting up my WordPress blog has a text entry box with a description that includes the word “username”.

Screen Capture From WordPress Configuration Screen

Once a username and password combination was saved for this site, whenever I navigate to this particular configuration page, it would automatically replace the “Web directory” contents with my username.  I didn’t notice that this change had occurred when the page loaded. Upon saving the configuration changes I had made on this page, I had made my WordPress instance unreachable.  Stephanie, from technical support at DreamHost, spotted and fixed the issue in just a few minutes.  She had initially thought it was a browser cache issue, but she had no real way of knowing what else was running within my local environment.

I will admit that I don’t like the description used for this configuration item for their hosted WordPress service.  On the other hand, I think there should be a way to tell 1Password not to autofill information for a specific site.  I do have the option in 1Password to not submit the username and password, but I don’t have the option to prevent the autofill from processing the available fields.

1Password Autosubmit Options

This entry was posted in 2 Geek, Passwords, Security and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *