Jan Ciger
Chris 🌱 
If you disable pasting in your password field, I hate you. I hate you even more if you don't have a "show password" button so I can verify that I'm typing my password correctly since you won't let me paste
the people's eva@brainblasted rarely have I wanted to punch someone through a computer more than when they do shit like that...
Weird Socks@brainblasted
instant follow
instant follow
Bruce Heerssen 
Me: I'm being responsible. I use a password manager and unique, stupidly complex passwords.
Website: Haha! Fuck you.
WideEyedCurious 🇺🇸 💙 🇺🇦 & 🇨🇦@brainblasted I second that.
Daniel Düsentrieb@brainblasted there's a special place in hell, right after people that don't let you type out a date but force a date picker at you
Laux Myth (aka Martin)@theDuesentrieb @brainblasted
Right beside that place in hell is a place for devs whole tell you the rules they have for a PW after you put in one.
Right beside that place in hell is a place for devs whole tell you the rules they have for a PW after you put in one.
Matthew MillerFun times: the official Indian evisa website forces a date picker, which shows up localised for American-style MM-DD-YYYY, and then when you hit "next", complains that the format must be DD-MM-YYYY. (I suppose only if you are lucky enough that then day is the 13th or later — otherwise, it probably just submits the wrong thing!)
Jonas@brainblasted
The underlaying issue here is that a modern OS generates a "paste event" instead of simulating a "typing keycodes event" which would prevent any shennigans like this to work in the first place
The underlaying issue here is that a modern OS generates a "paste event" instead of simulating a "typing keycodes event" which would prevent any shennigans like this to work in the first place
Ölbaum@magnetic_tape The underlying issue to the underlying issue is web developers implementing security by superstition.
@brainblasted
@brainblasted
Jeremy List@magnetic_tape @brainblasted but in browsers there's just a generic "text field value changed" event.
Kᑐᑌᑐᕮ@brainblasted so annoying... on desktops i have a system-wide keyboard shortcut which triggers "type the clipboard contents", as a workaround.
C++ Wage Slave@CppGuy @brainblasted Linux: Espanso
Previously, macOS: Keyboard Maestro
jelte
Dagnabbit, Pascaline! 💥Oh yes, that's so bad.
I have an app here on the phone that does not allow pasting. I've been silently ranting and raging about it. Internalisation is a thing.
Richard W. Woodley ELBOWS UP 🇨🇦🌹🚴♂️📷 🗺️Password show buttons should be de-rigour and obvious. Everyone is not entering passwords with someone looking over their shoulder, I would suggest most people are not,
Christophe Brocas 
@brainblasted I lived that particular moment so many times 💯
Arjen Haayman@brainblasted Do you know what a bookmarklet is? It's a tiny javascript that you can add to your bookmarks at the top of the page. Instead of having an URL in the target, you add this script.
If you click on the link, it will find all password fields on the page and turn it into a regular input field to make the content visible. It is harmless and has no impact on the workings of the page
```
javascript:(function(){
document.querySelectorAll('input[type="password"]').forEach(el => el.type = 'text');})()
```
Björn@haayman @brainblasted Wish there was something like this but for websites rewriting the browser navigation history.
@thaodan @brainblasted i don't think so, but van you give an example where it's bothering you?
@haayman @brainblasted Ever clicked on a link and couldn't go back anymore? Like when following a search result.
@thaodan @brainblasted only when it's opened in a new tab or window. That's normal behaviour. Sometimes search-engine let you choose whether or not to open a result in a new tab or stay in the same tab.
I do sometimes see behaviour where you can click around between e.g. photos in an article where the back-button goes back to the previous image, instead of to the previous article. In that case I really wish they didn't do that
@haayman @brainblasted I happens frequently when opening them in the same tab to me.
Chris Want@brainblasted this is all true, but my least favorite is "I'm only gonna give you three tries then lock you out". (Nobody can brute force a password in three tries, so what problem is that solving?)
Larvitz 
@brainblasted My previous bank has not only disabled "paste" in their iOS banking app login - they even implemented their *OWN ON-SCREEN KEYBOARD* for passwort entry.. (and that one was hardcoded to German qwertz layout ..)
Mike P@Larvitz @brainblasted For ultimate security, they should invent some special characters that are only found on their custom keyboard, and then require you to use them in your password. ;)
Leeloo@brainblasted
My password manager has an autotype function, rather than pasting the password, it sends the username and password as keystrokes.
My password manager has an autotype function, rather than pasting the password, it sends the username and password as keystrokes.
ItsPattyNotPaddy Healy-Rae-Nua@leeloo @brainblasted What password manager is that?
Paul@brainblasted Hi Chris. If you use Firefox, one of these add-ons might help:
https://addons.mozilla.org/en-US/firefox/addon/paste-enabler/
https://addons.mozilla.org/en-US/firefox/addon/force-paster/
https://addons.mozilla.org/en-US/firefox/addon/don-t-fuck-with-paste/
Philippe Poupou
Goince 
Otter-Matic@brainblasted it’s right up there with asking for my email on one page then the password on the next bonus fail points if you make me a click a send 2FA email button instead of just doing it Automatically.
@brainblasted
Agree. Giving side eye to Apple on latest MacOS version. My passwords are alphabet soup and I want to just a mouse-over to show and proof. Plus make the field big enough for a good PW. Mine are usually 20 to 26 characters. If the front disappears, I can hardly proof it.
Agree. Giving side eye to Apple on latest MacOS version. My passwords are alphabet soup and I want to just a mouse-over to show and proof. Plus make the field big enough for a good PW. Mine are usually 20 to 26 characters. If the front disappears, I can hardly proof it.
@brainblasted The next after that are those who mark the username field as a password or remove the ability to use a password.
I hate making me wait for your email.
I hate making me wait for your email.
J. R. DePriest 
:EA DATA. SF:It's like, "Bitch, don't assume you know my threat model".
Ryan Castellucci (they/them) 
@brainblasted same with email addresses, tbh
Angela Scholder@brainblasted Ctrl-V generally works.
And I never had an issue with the Auto-type from KeePass...
And I never had an issue with the Auto-type from KeePass...
Matt Hardy 3.11 for Workgroups@AngelaScholder @brainblasted +1 for AutoType from keepass. I've used it to type the notes field which contained base64 encoded files that citrix wouldn't let me copy to the remote computer. Also the powershell script that decodes it.
ahnlak@brainblasted still better than the (mostly banking) sites that encourage you to set a complex password and then ask for the 3rd, 13th and 47th letter only
Rebeca@ahnlak @brainblasted Whaaaaaaaaaaaat????!!!!
Luna Dragofelis ΘΔ🏳️⚧️🐱@brainblasted these people probably think "more inconvenience equals more security"
Ronan@brainblasted I'm really annoyed that MacOS doesn't allow Show Password. Sure default it to off but give the option
@brainblasted IMHO browsers should just ignore pages' attempts to block pasting.
RevK 
@brainblasted similarly if you insist I type my email address twice (and then don’t allow copy/paste).
The Penguin of Evil@brainblasted and a 60 second timeout. Heck let's add some JavaScript that fakes hitting an adjacent key some of the time just for fun
@brainblasted This morning I typed in at 28 character password into a microsoft RDP login box that was being shared via Citrix with pasting disabled. It did at least have a show password button which revealed the typo. I pressed the left button the requisite number of times and then pressed the show password button again to confirm I was at the right point. And guess what? Doing so moved the insertion point back to the end of the line. It's going to be one of those days.
Edelruth, PBS Passport HolderIt is not just me!
Also, those are you human check the correct picture things? I fail them every time now, thank you "mild" macular degeneration in one eye. I guess some sites just don't want to sell to seniors.
Gersande La Flèche@brainblasted thiiiiiiiiiiiiiiiiiiiiiiiiiiis