Don't Stop Me from Pasting Passwords
mooreds
23 points
4 comments
April 27, 2026
Related Discussions
Found 5 related stories in 603.7ms across 14,015 title embeddings via pgvector HNSW
- 1Password for Claude: Give Claude access without giving up your credentials terracatta · 26 pts · July 16, 2026 · 55% similar
- Get your passwords out of Bitwarden while you still can speckx · 209 pts · May 21, 2026 · 53% similar
- Blackholing My Email semyonsh · 170 pts · April 07, 2026 · 49% similar
- Show HN: Bramble – Local-first password manager MegagramEnjoyer · 55 pts · July 02, 2026 · 48% similar
- LastPass notifies users of yet another data breach mooreds · 491 pts · June 25, 2026 · 48% similar
Discussion Highlights (3 comments)
k310
Unintended? Consequences. It encourages weaker passwords, since you are not going to type in 14 of more characters by hand. I tried. On campus, one service timed you out pretty quickly if you dawdled typing your password. I suggested that you should fail if you type it too fast , instead, to foil shotgun password typing bots, and give users more time for longer passwords. That was before password managers. It's hard to get everything right. After some rounds of white-hat password cracking, (the ones I got were so lame)I decided to modify the passwd command to crack passwords on the way in. Much faster with the plain text. I have distrusted facial recignition since the Columbo episode (spoiler) in which Dabney Coleman sends someone elseout in his car with a face disguise to be deliberately snapped by a traffic camera for an alibi. The photographically-aware detective notices that the light is wrong.
tim-tday
People who prevent pasting of passwords have no understanding of security. They should be fired immediately. Why? You just stopped me from using my password manager. And the fact that you don’t realize means you don’t use one. If you work in security and don’t use a password manager (and prevent others from same) you are woefully incompetent and should go find another career.
markandrewj
I am not saying this is a solution, but the reason you see this is because a number of companies, such as TikTok and LinkedIn, have been caught scraping the clipboard. https://www.forbes.com/sites/daveywinder/2020/07/11/iphone-u... https://www.forbes.com/sites/zakdoffman/2020/06/26/warning-a... That said, for web applications, you are required to do things like use HTTPS for the modern clipboard API, which provides the user some guarantees. Not much works without HTTPS anymore though.