FR
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Register now!

Why can't we paste in passwords to the change password field?

Funkagenda
Good Citizen / Bon Citoyen

‎08-06-2018 12:19 PM - edited ‎01-04-2022 06:40 PM

I use a password manager so I have secure, random passwords that are unique per-site, but I can't paste my new password in because it's disabled.

 

This is some backwards security theatre crap and should really be changed. Even NIST agrees that password pasting should be allowed:

 

"Verifiers SHOULD permit claimants to use “paste” functionality when entering a memorized secret. This facilitates the use of password managers, which are widely used and in many cases increase the likelihood that users will choose stronger memorized secrets."

Labels:
1 REPLY 1

will13am
Oracle
Oracle

‎08-06-2018 01:01 PM

@Funkagenda, sadly this site is not a poster child for security.  The SSL certificates are a mess also.  Most customers would be happy if they fix the parties password reset email.  

Copyright © 2025 Khoros, LLC
Need Help? Let's chat.