I've been to more than a few sites now where if you paste the password they will not log you in. However if you type the exact same password, it's fine. Now I have a LOT of accounts and use a password vault program to store them. It's convenient to paste, especially as they are long secure passwords and by using the copy in the vault, someone looking over my shoulder can never see the password.
So, my question is -- What are the reasons for preventing password pasting to a website? Does this actually increase security?
(Please don't argue the use of the password vault. At 200+ passwords, needing a different password for each, it's the most secure method I have)
If you ever habitually copy sensitive information to your clipboard such as the answer to a secret question, activation codes, or your credit card number, you put yourselves at risk. It's safer to not copy passwords or any other sensitive information to the clipboard.
So they built the validations on javascript for checking empty fields, regex etc and ofcourse they had to validate on keypress. The problem was that it didn't work if the user pasted in the input, so they blocked copying/pasting to prevent users from inputting unsafe data.
Passwords provide the first line of defense against unauthorized access to your computer and personal information. The stronger your password, the more protected your computer will be from hackers and malicious software. You should maintain strong passwords for all accounts on your computer.
TL;DR Password managers use the clipboard so you can paste the password. Every Android app can read the contents of the clipboard without requiring a permission. This also means that if you use Pushbullets new clipboard sync feature, everything you copy on your computer can be potentially read by all your Android apps.
Honestly, there is zero real value in it. Anyone can turn off javascript, which is the only real way to do this.
It's annoying as hell and just one of those things people do because they heard from a friend of their cousin's bartender that "secure sites do this".
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With