On 30/06/14 08:48, Paul Bolger wrote:
My mobile phone company recently redid their website. When I tried to
log in to the new site - using my normal method, copy and paste the
password out of KeepassX - I discovered that they have disabled
clipboard access to the password input field via
They are an NZ company, skinny.co.nz. They are a budget offshoot of NZ
Telecom and the best value over here at the moment.
Pity about their website though.
On 02/07/14 10:27, Jeremy Visser wrote:
On 30/06/14 08:48, Paul Bolger wrote:
My mobile phone company recently redid their website. When
Troy Hunt, a well-known Web security blogger discusses this issue at
http://www.troyhunt.com/2014/05/the-cobra-effect-that-is-disabling.html
mgm
___
Link mailing list
Link@mailman.anu.edu.au
http://mailman.anu.edu.au/mailman/listinfo/link
My mobile phone company recently redid their website. When I tried to
log in to the new site - using my normal method, copy and paste the
password out of KeepassX - I discovered that they have disabled
clipboard access to the password input field via javascript.
I rang them up and the person on
At 08:48 AM 30/06/2014, Paul Bolger wrote:
It seems to be that disabling the pasting of passwords could only
really have a bad effect on security. I can see no mechanical benefit,
a keylogger is going to be just as good at recording a manually keyed
password as a pasted one, and forcing users to
On Mon, 2014-06-30 at 10:48 +1200, Paul Bolger wrote:
I discovered that they have disabled
clipboard access to the password input field via javascript.
Install NoScript, turn off scripts for the page. See if that solves the
problem, You can turn the scripts back on when you've finished entering
It's not that hard to get around (I just turn the js off in Web
Developer), but it strikes me that this phone company think they are
being 'security conscious', but that the net effect will be the
opposite.
On 30 June 2014 11:38, Karl Auer ka...@biplane.com.au wrote:
On Mon, 2014-06-30 at 10:48
If you use firefox get this extension:
Disable clipboard manipulations
https://addons.mozilla.org/en-US/firefox/addon/nocopypaste/
About this Add-on
No configuration required, the extension is immediately active after
installation. Web pages will no longer be able to listen to copy, paste and
On Sun, Jun 29, 2014 at 7:52 PM, Rick Welykochy r...@vitendo.ca wrote:
A comment on the plug-in page mentioned security and privacy issues being
addressed
by this plug-in. Now that I think about it, I suppose anything on your
clipboard could
be surreptitiously copied to rogue websites. Not a
So does disabling pasting into the password field provide any benefit
for the site owner, besides annoying the users?
On 30 June 2014 15:01, Scott Howard sc...@doc.net.au wrote:
On Sun, Jun 29, 2014 at 7:52 PM, Rick Welykochy r...@vitendo.ca wrote:
A comment on the plug-in page mentioned
To be very cynical: It means that keyloggers can nab your password, so I guess
it depends on the motivations of the website owners.
On 2014/Jun/30, at 2:28 PM, Paul Bolger wrote:
So does disabling pasting into the password field provide any benefit
for the site owner, besides annoying the
11 matches
Mail list logo
