The combination of a non-display entry field and blocking paste is devasting to those with awkward keyboards or coordination issues.
In my current position I use chip and PIN; much harder to crack, less prone to typos. Scanning finger prints or retinas should also work well, although I have no experience with those technologies. For applications that don't directly support the id card, there are one-time pass tickets. Slightly more awkward, but not enough to matter. -- Shmuel (Seymour J.) Metz http://mason.gmu.edu/~smetz3 עַם יִשְׂרָאֵל חַי נֵ֣צַח יִשְׂרָאֵ֔ל לֹ֥א יְשַׁקֵּ֖ר ________________________________________ From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> on behalf of Joel C. Ewing <jce.ebe...@cox.net> Sent: Wednesday, February 14, 2024 6:45 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: Insecure security - was SDSF PS Command column It obviously depends on what websites you visit, but there is only one website of the many I use that completely prevents paste of a password by all methods. Most of the websites I've encountered that prevent a mouse right-click and selection of "Paste" for login fields will still allow the key combination of Enter+Insert to do a paste -- works on both Linux and Windows. Does irritate me that some websites don't seem to have heard of password managers, or they wouldn't make it difficult. I could see an argument where you are entering a new password with a second copy for verification to require at least one to be actually typed, but that becomes a real pain with long, secure, random passwords assigned by a password manager. Jc Ewing On 2/14/24 16:28, Tony Harminc wrote: > On Wed, 14 Feb 2024 at 16:17, Paul Gilmartin < > 0000042bfe9c879d-dmarc-requ...@listserv.ua.edu> wrote: > > But I've encountered sites that prohibit OS desktop Paste into password >> field. >> > Plenty of those. And some that allow a paste into the email field, but not > into the "verify email" field. That one just reinforces the feeling that > the designers of web sites don't really understand how much of anything > works. > > Tony H. > -- Joel C. Ewing ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
