Re: NSSecureTextField and paste

2008-05-21 Thread Ken Thomases
On May 21, 2008, at 8:31 AM, Torsten Curdt wrote: It' absolutely annoying that paste is disabled in NSSecureTextField. From the docs it sounds like that really is on purpose. "It overrides many aspects of text editing to prevent passing of the object’s value out by mechanisms available to t

Re: NSSecureTextField and paste

2008-05-21 Thread Torsten Curdt
On May 21, 2008, at 16:44, Jens Alfke wrote: On 21 May '08, at 6:31 AM, Torsten Curdt wrote: It' absolutely annoying that paste is disabled in NSSecureTextField. From the docs it sounds like that really is on purpose. That seems inconsistent, since other password fields in the user in

Re: NSSecureTextField and paste

2008-05-21 Thread Jens Alfke
On 21 May '08, at 6:31 AM, Torsten Curdt wrote: It' absolutely annoying that paste is disabled in NSSecureTextField. From the docs it sounds like that really is on purpose. That seems inconsistent, since other password fields in the user interface are pasteable, like the password textfield

Re: NSSecureTextField and paste

2008-05-21 Thread I. Savant
> If the script can paste into the box and hit the "OK" button I assume > it could also simulate key strokes ...no? A good point. :-) -- I.S. ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comme

Re: NSSecureTextField and paste

2008-05-21 Thread Matt Gough
On 21 May 2008, at 16:06, Torsten Curdt wrote: If the script can paste into the box and hit the "OK" button I assume it could also simulate key strokes ...no? No, Its my understanding that the NSSecureTextField is very particular about how it will get its input. i.e You can't use the Acces

Re: NSSecureTextField and paste

2008-05-21 Thread Matt Gough
On 21 May 2008, at 16:05, Torsten Curdt wrote: From a security point of it makes some sense to prevent pasting. You don't really want people keeping plain text versions of their passwords around. Also, whatever was pasted would be left on the clipboard. That would be very easy for someone

Re: NSSecureTextField and paste

2008-05-21 Thread Torsten Curdt
On May 21, 2008, at 15:49, I. Savant wrote: On Wed, May 21, 2008 at 9:31 AM, Torsten Curdt <[EMAIL PROTECTED]> wrote: It' absolutely annoying that paste is disabled in NSSecureTextField. From the docs it sounds like that really is on purpose. Perhaps to prevent scripted brute force attac

Re: NSSecureTextField and paste

2008-05-21 Thread Torsten Curdt
On May 21, 2008, at 15:45, Matt Gough wrote: On 21 May 2008, at 15:31, Torsten Curdt wrote: So it also disabled passing values IN ...not just OUT. Why? Any idea on how to enable paste in NSSecureTextFields? From a security point of it makes some sense to prevent pasting. You don't reall

Re: NSSecureTextField and paste

2008-05-21 Thread I. Savant
On Wed, May 21, 2008 at 9:31 AM, Torsten Curdt <[EMAIL PROTECTED]> wrote: > It' absolutely annoying that paste is disabled in NSSecureTextField. From > the docs it sounds like that really is on purpose. Perhaps to prevent scripted brute force attacks, continuously (and rapidly) pasting attempts

Re: NSSecureTextField and paste

2008-05-21 Thread Matt Gough
On 21 May 2008, at 15:31, Torsten Curdt wrote: So it also disabled passing values IN ...not just OUT. Why? Any idea on how to enable paste in NSSecureTextFields? From a security point of it makes some sense to prevent pasting. You don't really want people keeping plain text versions of the

NSSecureTextField and paste

2008-05-21 Thread Torsten Curdt
It' absolutely annoying that paste is disabled in NSSecureTextField. From the docs it sounds like that really is on purpose. "It overrides many aspects of text editing to prevent passing of the object’s value out by mechanisms available to the user (namely, through Cut, Copy, and Paste comm