- The Last of Us: A Game-Changing Masterpiece in the World of Gaming
- Maximizing Engagement on Instagram Stories
- Just Play Another Game: The Harm in Casual Dismissal
- New iOS Patch Released to Fix NPC Locations and Stuck Animals
- Is the Apple Watch worth the Investment?
- Say No to Humans: The Importance of Protecting our Planet
- Exploring the Interplay of Dark and Colors in Art and Design
- Why Manchester United is More Than Just a Football Club
- Get Ready for Exciting New Games on Xbox Game Pass in January
- Discovering Low-Cost NFT Projects with Strong Teams and Solid Communities
- Why Some People Prefer Android Over Apple: The Key Differences
- Exploring the Latest dApps on Binance Smart Chain s DappBay and CryptoCitizen
- LG s Menu System and Remote: Unbeatable in the OLED TV Market
- Gate.io Hosts AMA with a $100 Rewards Pool on January 12th at 1 PM UTC
- Choosing the Best High-End Smartphone for Your Budget: A Guide for the Over-50K Price Point
- Hacking: The iPhone vs Android Debate
- The Dilemma of Choosing Between an iPhone and a Washing Machine
- The Dark Side of Mega-Dominant Software Platforms: A Look at Poor Customer Support
- The Last of Us: Part I - How Will the PS5 Affect Sales and Marketing Strategies?
- Win Money with a Quiz: The Ultimate Guide
- 10 Lucky People Wanted: Show Us Your Homescreen and Win!
- Xbox Should Release Starfield on PlayStation for Maximum Reach
- Xbox and Bethesda Developer\_Direct Show Announced for January 2023
- Is the iPhone 14 Worth the Upgrade?
- Closer than Ever Event Featuring Samurai II and Piranha X in Parking, St. Petersburg, and L.A. Block
- Max Price for a Standalone VR Game
- 5 Tips for Creating Professional and SEO-Friendly Blog Articles
- My Tech Wishlist for the Year
- The Connection Between Modern Architecture and Depression: A Critique of Wokeism
- Is switching from an iPhone to a Samsung a good decision?
So annoying when web sites disable copy/paste for passwordJanuary 19, 2021, 7:07 pm So annoying when web sites disable copy/paste for password fields. What the hell? Official Content-Security-Policy header in a near past used to break LastPass browser extension from doing things with the website like maybe injecting styles and whatever... As a User I want the copy paste function to be disabled for password fields So That I will enjoy the look of the login form for longer and better remember my password manager generated passwords cc There is a special curse for developers that stop you from pasting in a password. Also for those that clear the fields when you switch apps in android. The clipboard buffer is not secure. Nowadays, clipboards persist multiple passwords long after it is used and other apps read them Website: your password must be 15 characters long, contain letters, numbers & special characters. Oh, and you cant have a letters or numbers side by side. Also, it cannot be remotely recognizable as a word. Also Website: password masked Also Website: No paste for you! Its almost as if theyre trying to ensure you are susceptible to keyloggers. It`s an anti pattern. And keeps me away from using randomly generated passwords for such sites. What I`ve found most amusing is that sites that require higher levels of security (banks, payments etc.) seem to be the ones that have this restriction in place. I think password manager browser extensions need to just disable this I`d bet that jQuery is there only for that purpose. How cool is that? :D They think they`re so smart. Thank God on android i can switch to keypass keyboard and that is just "a key press" they can`t get around to, a big middle finger in their face I`m missing the point, but they could have also just added a CSS class like .js-nocopy and they could save up on registering only one handler refucktoring I use hammerspoon to get around this on OSX. It takes the clipboard and plays it out one key at a time. Even the code style screams "ugh.". E.g. no space between // and comment. Typo. And why not loop over element selectors to apply the blocking for to have the paste disable dance done only once This is terribly hostile, anti-user behavior and it should be stopped. But also, would a for-loop over the various form field IDs have been so hard for them to write? *shakes in anguish* The amazing thing is? The developer who had to code that spelt copy as copu in the comment, so the actual code itself is probably mostly copy and paste Seriously...even crazier when it`s developer centric sites trying to gatekeep information... Like they think we can`t work around it with DevTools?!?! You are literally sending us the bits!!!! Soon websites will be one big image When possible I refuse to use such annoying UI Also annoying when entering bank account/routing numbers. How could I possibly get it right by COPYING FROM MY BANK. Clearly my fat freaking fingers are more accurate. It`s a hangover from phone banking. They keep a plaintext but only show part of it to the phone banking agent, the theory being that they won`t be able to pose as you during another call. Perhaps they precompute the hashes of the combinations they know they`ll ask for when the password is initially set. This said, I`m not defending this terrible UX and am admittedly being hopeful about the technical reasons they`re able to do this. You could drag and drop that value from the address bar into the field. Didn`t work? There are browser plugins that disable this UK banks are particularly bad for that. There is a speciale place in hell gor these people... I changed my main banking service because of this! Perhaps even worse are those sites that ask for only a few (eg 3rd, 10th and 19th) characters of your password. Makes me fume. I agree, it`s absolutely ridiculous. I definitely always assumed it was to weed out mistakes. The funny thing is when I can copy and paste from my password manager I never make a mistake. When I enter manually Im way more likely to get it wrong. Especially on a phone. Ive wondered why this exists. Is it leftover archaic security from a time when most users remembered all their passwords? Have you tried StopTheMadness? Its even worse when apps do it! On the plus side, these are usually easy to spot and remove using Chrome`s inspect tool. I imagine there may be extensions available that can prevent paste event handlers from taking effect. I agree that sites should stop doing this, though. It encourages bad security. Drives me nuts. Especially when I have to paste from my rsa token. I detest that one. Why would you? So annoying. Obviously not dogfooding. |
|