diff --git a/apps/browser/src/autofill/background/notification.background.spec.ts b/apps/browser/src/autofill/background/notification.background.spec.ts index f117076d03b..4ede330c994 100644 --- a/apps/browser/src/autofill/background/notification.background.spec.ts +++ b/apps/browser/src/autofill/background/notification.background.spec.ts @@ -1642,7 +1642,7 @@ describe("NotificationBackground", () => { expect(pushAddLoginToQueueSpy).not.toHaveBeenCalled(); }); - it("and no cipher update candidates match `username`, trigger a new cipher notification", async () => { + it("and no cipher update candidates match `username`, do not trigger a notification (username alone is insufficient signal)", async () => { const storedCiphersForURL = [ mock({ id: "cipher-id-1", @@ -1660,15 +1660,7 @@ describe("NotificationBackground", () => { await notificationBackground.triggerCipherNotification(formEntryData, tab); expect(pushChangePasswordToQueueSpy).not.toHaveBeenCalled(); - expect(pushAddLoginToQueueSpy).toHaveBeenCalledWith( - mockFormattedURI, - { - password: "", - url: formEntryData.uri, - username: formEntryData.username, - }, - sender.tab, - ); + expect(pushAddLoginToQueueSpy).not.toHaveBeenCalled(); }); it("and no cipher update candidates match `username`, do not trigger a new cipher notification if the new cipher notification setting is disabled", async () => { diff --git a/apps/browser/src/autofill/background/notification.background.ts b/apps/browser/src/autofill/background/notification.background.ts index e3612c2cf24..844bf408114 100644 --- a/apps/browser/src/autofill/background/notification.background.ts +++ b/apps/browser/src/autofill/background/notification.background.ts @@ -1018,13 +1018,15 @@ export default class NotificationBackground { // involves all ciphers, making it mutually exclusive from any other scenario) if (noFieldMatches.length === ciphersForURL.length) { // trigger a new cipher notification in these input scenarios + // Note: username-only is excluded because a username with no password is insufficient + // signal to assume a new login is being created. Multistep login forms accumulate + // username + password across steps, so the combined data will trigger on form submission. if ( ( [ inputScenarios.usernamePasswordNewPassword, inputScenarios.usernameNewPassword, inputScenarios.usernamePassword, - inputScenarios.username, inputScenarios.passwordNewPassword, ] as InputScenario[] ).includes(inputScenario) &&