NIST actually recommends allowing users to paste exactly for this reason: > Veri... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		sandgiant on May 28, 2021 \| parent \| context \| favorite \| on: Safari tries to fill username NIST actually recommends allowing users to paste exactly for this reason: > Verifiers SHOULD permit claimants to use “paste” functionality when entering a memorized secret. This facilitates the use of password managers, which are widely used and in many cases increase the likelihood that users will choose stronger memorized secrets. https://pages.nist.gov/800-63-3/sp800-63b.html I use the "Don't Fuck With Paste" add on for Chrome/Firefox, which mostly works well.

rav on May 28, 2021 [–]

Here's a bookmarklet version of "Don't mess with paste" for those who don't want to install the add-on:

    javascript:void(document.documentElement.addEventListener(
    'copy',e=>e.stopPropagation(),true),
    document.documentElement.addEventListener(
    'paste',e=>e.stopPropagation(),true))

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact