I hate whoever that was

[email protected]

Weird, that's one character off from my Paramount+ password. I know from typing it on every fucking STB and console that I own and painstakingly quadruple-checking each character when it fails.

You'd think I'd just change to a passphrase but nah. Ain't nobody got time for that. Too busy ranting about user unfriendly problems that shouldn't exist in modern STB apps.

[email protected]

Yep. It's always when I'm adding a payment method to like a credit card or something.

The ones that are web-based and block password vault auto fill...on desktop...those really grind my gears.

Also, is it me, or is android really bad about detecting when something is a username/password field and the vault auto fill should be suggested

[email protected]

using characters that need to be escaped in your plugins name

AwkwardLookMonkeyPuppet

It's pretty bad. I get the pop-up for a lot of incorrect fields.

[email protected]

My impression from when I’ve encountered this is that it is an attempt to repel bots.

hmm bots don't use keyboard or mouse copy & paste so I don't see how that makes sense?

my impression is this is just stupid product managers who don't understand why it's a bad idea to force all your users to manually type out their passwords or email addresses just because of the 0.1% of people who would copy and paste one with an error in.

[email protected]

Sadly this doesn't work reliably - an increasing number of sites still manage to block it. Also it prevents other sites from working properly.

[email protected]

Bots don't paste. If it a selenium related bot it would inject the value or type out each keypress.

It only causes real users pain

[email protected]

My bank uses a TOTP and they not only block paste, they also block all typing. Instead they popup a modal with a 0-9 digit keypand and the location of each number changes every time.

Effing obnoxious.

[email protected]

Bank developer played too much RuneScape?

[email protected]

Lmao I was just about to comment, their bank must have hired a UX designer from Jagex lol

[email protected]

I eventually found it as well. I'm still a bit annoyed. It's not very convenient.

udon

"welcome"

[email protected]

[email protected]

That's a security standard preventing keyloggers from guessing your bank password.

[email protected]

Most of the problems in the modern world could be solved if the front line people could to each other directly.

Suits are the bottleneck.

[email protected]

The TOTP changes every time. For modern totp hashing I'm not sure how many sequential codes a keylogger would need but I'm guessing more than I will ever enter.

Edit, asked ai for an answer to that because I was curious (maybe it's right):

Start AI

That being said, if an attacker were able to collect a large number of TOTP codes, they might be able to launch a brute-force attack to try to guess the private key. However, this would require an enormous amount of computational power and time.

To give you an idea of the scale, let's consider the following:

Assume an attacker collects 1000 TOTP codes, each 6 digits long (a common length for TOTP codes).
Assume the private key is 128 bits long (a common length for cryptographic keys).
Assume the attacker uses a powerful computer that can perform 1 billion computations per second.

Using a brute-force attack, the attacker would need to try approximately 2^128 (3.4 x 10^38) possible private keys to guess the correct one. Even with a powerful computer, this would take an enormous amount of time - on the order of billions of years.

[email protected]

I use "don't fuck with paste", a browser extension.

[email protected]

if you use keepasxc, what about autotype? I could never get it to work but idk.

[email protected]

I can do this on my phone and it's easier than the select text button

still annoying though

[email protected]

On ff, shift and right click works. Otherwise, the inspect element.