undefined | Better HN

0 pointssandgiant4y ago0 comments

NIST actually recommends allowing users to paste exactly for this reason:

> Verifiers SHOULD permit claimants to use “paste” functionality when entering a memorized secret. This facilitates the use of password managers, which are widely used and in many cases increase the likelihood that users will choose stronger memorized secrets.

https://pages.nist.gov/800-63-3/sp800-63b.html

I use the "Don't Fuck With Paste" add on for Chrome/Firefox, which mostly works well.

0 comments

rav4y ago

Here's a bookmarklet version of "Don't mess with paste" for those who don't want to install the add-on:

    javascript:void(document.documentElement.addEventListener(
    'copy',e=>e.stopPropagation(),true),
    document.documentElement.addEventListener(
    'paste',e=>e.stopPropagation(),true))

j / k navigate · click thread line to collapse