Paste Passwords into blocked form fields on the Internet
Most Internet services don't prevent you from pasting information into password fields or other form fields on websites.
Some on the other hand restrict pasting to select fields or none at all, which means that you need to fill out those fields manually as you cannot use copy and paste to do so.
That's at least how it looks like on first glance. One example that I encountered just recently. I added a couple of items to a cart on this site and was asked to create an account to complete the purchase.
Both the repeat email address field and confirm password field are locked on the site blocking you from pasting text into them.
I use KeePass to generate unique passwords for websites and paste the information into the forms. Since I was not able to do so for one field, and had no desire to type a 30+ character password into the confirm password field, I had to find a way to bypass the restriction.
Bypass the restriction
I'm using Firefox as my main browser which is why I demonstrate how it is done using it. All other "mainstream" browsers, Chrome, Opera and Internet Explorer, support Developer Tools as well, and you can usually launch them by hitting F12 while the page is open that you want to modify.
- Make sure the page with the form is the active tab in the browser.
- Hit F12 to start the Developer Tools. They are displayed in a frame at the bottom of the browser window in Firefox.
- Select the inspector icon (the left icon next to Inspector in the toolbar), and click on the Confirm Password field (or any other field that blocks pasting).
- Locate oncopy="return false" and double-click on it.
- Change false to true, and et voila, you can paste into the second field as well.
- Alternatively, delete the whole property and hit return in the end.
Note: The effect remains until you reload the website, meaning it is not permanent but only temporary. This does not appear to work in Chrome right now, check out the alternatives below.
Alternatives
If you don't like digging in code to resolve the issue, or if a site uses a different method to prevent you from pasting into select fields, then you may be interested in alternatives to the manual solution posted above.
Browser extensions make things more comfortable. Firefox users and users who run forks of the browser may install Disable clipboard manipulations which enables pasting among other things.
Users who run a Chromium-based browser can download and install Don't fuck with paste instead.
The disabling of copy/paste for passwords is insane & no “security argument” will suffice to justify.
I am sure i am not alone, certainly like you I either invent long passwords or have LastPass create them.
Then of course I fail to type correctly about half the time or simply give up with all the messing about required.
I use Opera & Chrome, looksw like Opera will gain in use now.
Thanks for a great tip.
Dude
You absolute LEGEND!
I had the EXACT issue as described, been using Keepass for years and the stupid Visa Checkout website does not allow you to paste a new password after you have resetted it.
Installed “Dont fuck with paste” on chrome, gave it a 5 star rating and BOOM! worked!
Same here. Send Visa Checkout a letter about it. It’s monumentally stupid. I’m not going to type all that in like some grandma. I hope my Visa Checkout does get hacked and they lose money making me whole.
This is built into FireFox (now?)
in about:config
dom.event.clipboardevents.enabled – set to false :)
Martin…
Thanx a lot dear
I have no words to how say thanx to you bro
You did very well job
Thanx again
Great stuff Martin. Thanks a lot. Wish I’d thought to look this up a year ago! But more and more websites are prohibiting pasting of credit card numbers, addresses, etc etc. Incredibly tedious, and even worse for the dyslexic.
nice tip martin , thanks for this
Slightly off topic, but I love the new ‘jump to top’ icon. How about a ‘bottom’ one as well.? I get finger friction burns from swiping repeatedly on some sites! They should be everywhere. Isn’t there any add-on?
I don’t think so Martin. You are the first to mention the jump to top icon by the way ;)
To circumvent this type of problem, where one can not paste a clipboard value, I made “Paste Text Like” https://sites.google.com/site/pastetextlike/
It allows to paste mimicking a keyboard typing, thus works on all places including website, programs, list box etc. One do not need to change the browser and will also work where you can not change anything.
Regards,
Anand
Not working on Chrome Version 36.0.1985.125 m
The extension or the method itself?
Did not work for me either. Then I realized that the attribute to change is onPaste, not onCopy. May be new version
the method itself.
Hm, you are right, I just checked in Chrome Stable and it does not work. Well, I suggest you try the extension then, not sure why the manual method does not work.
Thank you so much,
This Stuff has been driving me mad.
Was starting to blame Lastpass, but not so.
Do you know of a extension for Safari?
You should make an article on why everyone should disable clipboard events all the time, and why Mozilla should make it the default setting.
You can also use the FF addon “secure login 1.03”. It works with all of the software giveaway sites that require an account to be setup to complete the purchase of a application on “sale”.
I’ve said it before Martin, and I’ll say it again ………..
Your blood is definitely worth drinking! :)
install https://addons.mozilla.org/en-US/firefox/addon/righttoclick/
In options: tick only disable page cut, copy handlers then press yellow arrow in toolbar, job done.
Got anymore tips of this type for other websites?
Do you have anything in particular in mind?
Martin, I was accustomed to use Phrase Express (your recommendation some time ago) to fulfill the bank agency number and account number fields in order to enter my account, and also some fields once inside the account. I could also copy and paste or use the Virtual Keyboard. My bank suddenly prohibited that procedure saying it is for the client’s security. Now I can only use the regular keyboard. Virtual Keyboard and Phrase Express cannot be used any more. After reading this article of yours I installed the Disable Clipboard Manipulation and the functionality – Copy and paste is back, but neither Phrase Express nor Virtual Keyboard work to fulfill the bank’s fields. My question to you, and I thank you right now for the answer, is: should I insist using the Copy and Paste functionality in spite of the bank’s prohibition (somehow I feel safer doing so) or is it better to use the regular keyboard and consequently exclude the Disable Clipboard Manipulation extension? Which is safer in your opinion, Copy and Paste or the use of the regular keyboard? I have Malwarebytes Anti Malware Premium installed and also Zemana AntiLogger. (Forgive my English…) Thank you.
Copy and paste is just fine.
Thank you! The art of answering in simple six words a question that demanded 978 words!!! lol
The about:config change to avoid being stopped from any paste or copy is maybe the lighter and easier change for anyone using firefox or a derivative. (It is suggested in the addons linked)
Set dom.event.clipboardevents.enabled to false, et voila
Note this may break a little bit rich pasting into some javascript WYSIWYG editors.
@Jan
Made my day in 2020, as there are still sites that use this backwards principle, and your fix still works :)
Was Ctrl-V blocked as well?
Yes it was blocked