Sub domains save with different passwords

rik · January 27, 2021, 3:53pm

Description of the issue:

Hi all, I have an account on https://the.hiveos.farm/ (1) for which the password save feature works as expected.
I needed to comment on their forum at https://forum.hiveos.farm/ (2) and as this is not an SSO, I needed to create another account.
At this point I have 2 accounts, one for the admin interface of hive and one for the forum. Both use the same email address but with different passwords.

I’ve just noticed that the “save/update password” popup feature updates the password each time I log into one and then other, overwriting the value of one of the other (depends which site I’ve logged in and saved last).
If I open Settings -> Additional Settings -> Privacy and Security -> Passwords, I can see my list of “save password” accounts.
I can see one for https://forum.hiveos.farm and one for https://the.hiveos.farm but they both have the same value.

-> The problem is that the “save password” feature overrides the password of both rather than one or the other depending on the sub domain.

It feels like even though the subdomains entries are saved, the logic of storing the related password overrides the password of the other subdomain.

How can this issue be reproduced?

(I assume it is sub domain related and would be reproducible with other subdomains that have different authentications/passwords - I do not want to make you create accounts on hiveos.farm, just want to make this clear)

create an account with an email at the.hiveos.farm (1) and a password
create an account with the same email at forum.hiveos.farm (2) and a different password
log out from both
log into (1) and save the password
open Settings -> Additional Settings -> Privacy and Security -> Passwords and verify the correct password for (1) is saved
open new tab and log into (2) and save the password
open Settings -> Additional Settings -> Privacy and Security -> Passwords and verify the password for (2) is saved
check the password value for (1). In my case, password for (2) has overwritten (1)

Expected result:

I expect to have the password for (1) not overwritten with value from (2) or vice versa for the same domain but on a different sub domain.

Brave Version( check About Brave):

Version 1.19.86 Chromium: 88.0.4324.96 (Official Build) (64-bit)

Additional Information:

Thanks for any info on what I’m doing wrong.

gmacar · January 28, 2021, 4:52pm

You’re not doing anything wrong. That’s how Brave saves passwords (for the time being).

rik · January 30, 2021, 10:59pm

Alright, thanks for the feedback.
I’ll wait for an improvement then.
Cheers!

system · March 1, 2021, 11:00pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Already saved password is overwritten by newly created record in special case Desktop Support linux	1	246	January 16, 2021
Manage different logins/passwords for subdomains under the same domain Desktop Requests privacy	3	499	March 26, 2024
Recover Saved Passwords That You Saved A Password Over Browser Support windows	4	467	June 19, 2021
The passwords were not saved and I lost access Desktop Support windows	1	57	March 1, 2024
"Dummy 3" suggested password	8	346	September 27, 2021
Saved password does not work Browser Support windows	1	240	February 6, 2020
Saved Passwords Vanish Desktop Support windows	2	237	May 1, 2023
For some? reason the Offer to Save Passwords doesn't appear on some sites/pages Desktop Support windows	1	199	June 10, 2022

Sub domains save with different passwords

Related Topics