Using ctl name does not offer the password at all

[bege10]

For my banking program I have a password for the program itself and one for the bank login. Both windows have the title "Banking4". Therefore I always get offered the two passwords by Keepass . If I use with Disambiguator this window name for the window to enter the password for the bank KeePass does not offer the password at all:

Banking4{ctl:GLS Gemeinschaftsbank}

This is the beginning of the Report for this window:

Application of current target window: "c:\program files (x86)\topbanking4\topbanking.exe" TargetWindow: 724722 Resolved: True WindowID: Name : Banking4 Class : Window Child ID: Name : Banking4 Class : TextBlock Child ID: Name : Class : ShinyCaptionButtons Child ID: m_aMinimizeButton Name : Class : Button Child ID: m_aMaximizeButton Name : Class : Button Child ID: m_aCloseButton Name : Class : Button Child ID: m_aOKButton Name : OK Class : Button Child ID: Name : OK Class : TextBlock Child ID: m_aCancelButton Name : Abbrechen Class : Button Child ID: Name : Abbrechen Class : TextBlock Child ID: m_aHeadingTextBlock Name : GLS Gemeinschaftsbank Class : TextBlock Child ID: m_aUserLabelTextBlock Name : Alias/VR-NetKey: Class : TextBlock

[drventure]

Hmmm, what does the keepass entry with the disambiguator fields look like?

For instance, I'm guessing your title field looks something like this

Banking4{ctl:GLS Gemeinschaftsbank}

or something similar.

[bege10]

Hmmm, what does the keepass entry with the disambiguator fields look like?

For instance, I'm guessing your title field looks something like this

Banking4{ctl:GLS Gemeinschaftsbank}

Yes, exactly, see the beginning of my first post.

[drventure]

Doh. My apologies. I completely looked right past that.

Try this, in keepass, click tools/The Disambiguator/Logging, which turns logging on. You should get a message about it.

Now, go to you banking app and press the keepass hotkey. It won't play any password, but that's ok.

Close keepass and look on your desktop for a disambiguator log file.

That should contain a log of all the controls it looked through and what it was searching for. No passwords or sensitive info is written to that file, but feel free to review it.

If you see anything that might indicate why it seems to be missing the control you're specifying, feel free to post the log (or just a snippet of it, what ever youre comfortable with.)

[bege10]

Today it works better without any changes. I tested this several times on several days. Weird. Well, I don't understand why but it's a reason to be happy. The password for the bank login Banking4{ctl:GLS Gemeinschaftsbank} is not displayed any more when I enter the password for the banking app Banking4{ctl:Datentresor} and it is displayed when I log in to the bank. Perfect.

But the password for the banking app is still displayed when I want to log in to the bank. In the log the word "Datentresor" definitely is not present. The password even works when I remove the window title "Banking4" from both the standard and the autofill tab leaving only "B" as entry name and {ctl:Datentresor} for the autofill window.

This log entry implies that KeePass also looks for the name of the entry, here "B" and the autofill parameters:

05.10.2024 01:02:30 MatchSequence winName='B'  sequence='{PASSWORD}{ENTER}'  eventId='5'  TargetTitle='Banking4'  TargetHandle='1773684'
05.10.2024 01:02:30    Matching 'Banking4' to 'B' as pattern resulted in no match
05.10.2024 01:02:30    Window Title 'Banking4' did not match
05.10.2024 01:02:30 MatchSequence winName='{ctl:Datentresor}'  sequence='{PASSWORD}{ENTER}'  eventId='5'  TargetTitle='Banking4'  TargetHandle='1773684'
05.10.2024 01:02:30    Window Title 'Banking4' did not match
05.10.2024 01:02:30 Finished AutoType_SequenceQuery

And although the following is the only !!!MATCH!!! (the log-in password for the bank) KeePass offers the app password which does not match any more after I "stripped" it for both the app and the bank login.

05.10.2024 01:29:37 MatchSequence winName='Banking4{ctl:GLS Gemeinschaftsbank}'  sequence='{PASSWORD}{ENTER}'  eventId='6'  TargetTitle='Banking4'  TargetHandle='3412358'
05.10.2024 01:29:37    Matching 'Banking4' to 'Banking4' as pattern resulted in !!!MATCH!!!

[drventure]

That's good news. The plugin may not have compiled or been installed completely when you first tried it, but it's working now so that's great.

About the 'b' reference.

That's one thing that often trips people up with the disambiguator. Keepass uses the window title as well as the locator elements to try to match a keypass entry to your current app.

The disambiguator doesn't change that process at all. All it does is use additional hints to resolve down from multiple found entries to a single one.

That can be kind of difficult to get your head around sometimes ... But I'm always open to ideas to improve the process!

Darin

---

From: bege10 @.> Sent: Friday, October 4, 2024 6:49:53 PM To: drventure/Disambiguator @.> Cc: Darin Higgins @.>; Comment @.> Subject: Re: [drventure/Disambiguator] Using ctl name does not offer the password at all (Issue #9)

Today it works better without any changes. I tested this several times on several days. Weird. Well, I don't understand why but it's a reason to be happy. The password for the bank login Banking4{ctl:GLS Gemeinschaftsbank} is not displayed any more when I enter the password for the banking app Banking4{ctl: Datentresor} and it is displayed when I log in to the bank. Perfect.

But the password for the banking app is still displayed when I want to log in to the bank. In the log the word "Datentresor" definitely is not present. The password even works when I remove the window title "Banking4" from both the standard and the autofill tab leaving only "B" as entry name and {ctl: Datentresor} for the autofill window.

This log entry implies that KeePass also looks for the name of the entry, here "B" and the autofill parameters:

05.10.2024 01:02:30 MatchSequence winName='B' sequence='{PASSWORD}{ENTER}' eventId='5' TargetTitle='Banking4' TargetHandle='1773684' 05.10.2024 01:02:30 Matching 'Banking4' to 'B' as pattern resulted in no match 05.10.2024 01:02:30 Window Title 'Banking4' did not match 05.10.2024 01:02:30 MatchSequence winName='{ctl:Datentresor}' sequence='{PASSWORD}{ENTER}' eventId='5' TargetTitle='Banking4' TargetHandle='1773684' 05.10.2024 01:02:30 Window Title 'Banking4' did not match 05.10.2024 01:02:30 Finished AutoType_SequenceQuery

And although this is the only !!!MATCH!!! (the log-in password for the bank) KeePass offers the app password which does not match any more after I "stripped" it for both the app and the bank login.

05.10.2024 01:29:37 MatchSequence winName='Banking4{ctl:GLS Gemeinschaftsbank}' sequence='{PASSWORD}{ENTER}' eventId='6' TargetTitle='Banking4' TargetHandle='3412358' 05.10.2024 01:29:37 Matching 'Banking4' to 'Banking4' as pattern resulted in !!!MATCH!!!

— Reply to this email directly, view it on GitHubhttps://github.com/drventure/Disambiguator/issues/9#issuecomment-2394796822, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AAOMXBWQEFTIEOQBYVLZXCTZZ4SSDAVCNFSM6AAAAABPKTIXZ2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGOJUG44TMOBSGI. You are receiving this because you commented.Message ID: @.***>

[bege10]

I still don't understand. The log shows this entry Matching 'Banking4' to 'Banking4' as pattern resulted in !!!MATCH!!! but there is no "Banking4" left in the respective KeePass entry. The Title is "B" and the auto-type window title is {ctl:Datentresor}. I removed all entries from the history. The only match should be "Datentresor" but that is not in the log. Is there any "magic" cache that keeps the old entry?

[drventure]

That's odd.

The Disambiguator doesn't cache anything. Each time a password request is made (by pressing the Keepass hotkey), the plugin just gets activated by Keepass as part of the filtering process.

Could there be +another+ entry somewhere that still has "Banking4" as a title or a Target window? Remember that the actual "title" of the keepass entry (the one that shows up in the main Keepass grid) is actually ALSO used by Keepass for matching.

Another thing that might be tripping you up.

I believe you'd still want to include "Banking4" as the window title in the Autotype "Target Window" field For example:

The main idea is that, without ANY Disambiguator triggers (like {ctl:} or {exe:}) you +should+ get the normal Keepass popup, asking you which of 2 or more entries you want to use.

Once you have that happening, for ONE of the entries, add {ctl:name} to the Target Window title, so, for example "Banking4{ctl:Datentresor}"

That should allow Disambiguator to filter out the "other" entry because the target window wouldn't contain a control named "Datentresor" and thus there should only be one matching entry, at which point Keepass should just automatically type the sequence for that entry.

[drventure]

Another example, for Azure GIT login, I get the generic "Windows Security" popup login form.

The title is just "Windows Security" so that same form comes up for a number of different sites that I login to.

So, to disambiguate and resolve to a single entry, for my Azure Git entry, I have the Target window title for the Autotype set to

"Windows Security{ctl:https://azuredevops.mycompany.com}"

This is because in the case of Azure Git, one of the controls on the generic Windows Security form ends up containing that https url in its text.