Lauren WeinsteinJan 3, 2023
One of the website UI modalities that I just *despise* are sites that block copy/paste (either via mouse clicks and sometimes also keyboard shortcuts) for filling important fields, out of some sort of misguided belief that this somehow enhances security. Actually it easily makes it worse in most cases. This is similar to sites that have crazy password rules (that they often can't even implement properly) that also tend to make security worse, not better. E.g., "Your password must contain between 10 and 22 characters, include no less than 3 characters between G and Q, at least two special characters, and a lowercase m and p. Thank you."
Show threadAdam Wolf

@lauren for entering your password, the U.S. government's Treasury Direct website not only blocks copy/paste, but blocks the keyboard altogether forcing you to use you mouse to type on an on screen keypad.

after one time logging in this preposterous way, first order of business for me was to shorten my generated password to the bare minimum allowable 🙃

Jan 4, 2023 at 4:39amWeb
Show threadLauren WeinsteinJan 4, 2023
@awolf I can't recall seeing that kind of credentials entry UI outside of TV-based apps, where of course it is very common and frustration inducing. At least more sites now permit showing password during entry on request. I argued for that for years.