topic Re: Can't paste password in Self-Serve in Get Support

Can't paste password in Self-Serve

pop78 — Tue, 04 Jan 2022 23:03:55 GMT

Sorry if this has been mentioned before, did a search and didn't find anything.

Why doesn't PM allow us to paste passwords for Self-Serve? We can paste passwords for Community. I use a password manager and not allowing us to paste defeats the purpose of a password manager.

I much prefer to use a longer password, but I'm not going to type in a 25+ charact password. Just too prone to error. I've read about this before and I have yet to see anything to convince that disabling paste for password is safer...

Re: Can't paste password in Self-Serve

outdoorsaddix — Sat, 05 Nov 2016 03:56:38 GMT

Its for security I belive. There is much more personal information in Self Serve than in Community. I think the theory is that they want you to keep your passwords off your clipboard which is a much more vulnerable part of your computer.

This article touches on getting arround it:

http://www.ghacks.net/2014/07/26/paste-passwords-blocked-form-fields-internet/

Re: Can't paste password in Self-Serve

pop78 — Sat, 05 Nov 2016 04:03:30 GMT

Yes, I was aware of these simple work arounds. Just goes to drive home my point that I've yet to see something to convince me that disabling paste for password is safer.

If PM's concern is security, than enable 2 step verification. Disabling paste for passwords is just an inconveniance that forces users to chose simpler/shorter passwords. The reverse of more secure...

Re: Can't paste password in Self-Serve

imcphers — Sat, 05 Nov 2016 04:06:24 GMT

I use LastPass and chrome and it auto fills the password.

Re: Can't paste password in Self-Serve

pop78 — Sat, 05 Nov 2016 04:21:20 GMT

I'm sure plenty of people can (and probably will) chime in with ways around this. And hey, bring it on! It just goes to prove what a silly "security" measure it is. And now that I've asked the question, any who didn't know of a work around do now.

Just to be clear. I'm not asking for ways around this. I'm asking why it's implemented in the first place. Not actually expecting an official response, but you never know. Maybe they'll remove it and implement something that does add security, like 2 step verification.

Re: Can't paste password in Self-Serve

outdoorsaddix — Sat, 05 Nov 2016 13:32:52 GMT

@pop78 Sorry I think I just misinterpreted the question. I would bet that the real answer is that the functionality was prebuilt into whatever system they are using for my account, I doubt they wrote something from scratch.

Two factor would be nice in the future, but for now with Public as a low cost operator we are probably stuck with what we have.

Althought I went to try it out myself and I can paste into the My Account password field. I'm using Safari on Mac, maybe it was a prebuilt workarround?