Re-enabling Password Pasting on Annoying Web Forms (v2)

Security is not to be taken lightly so in recent days I’ve become increasingly frustrated by the insistance of some companies to disable the facility to paste passwords into login forms. Rather then increase security, this cripples those of us using password managers such as KeePass or 1Password, as the nice long randomly-generated passwords cannot be simply pasted into the password field. Instead users are forced to manually type in passwords which will promote the use of shorter passwords (and thereby weaken security).

I’ve found this occuring on companies such as Apple, Vodafone and Nestlé.

Thankfully I’ve found a solution in the form of a bookmarklet. The original idea came from the blog posting Re-enabling Password Pasting on Annoying Web Forms by Derek Prior. Unfortunately his method simply removes the onpaste attribute directly but this doesn’t work if the web site is using an event handling framework such as jQuery. I’ve taken Derek’s original code and modified it to work better with these frameworks.

To use the bookmarklet, drag the following link to your browser’s bookmark bar.

Compatibility Note: The bookmarklet only works in Chrome and Safari due to the difficulty of reading clipboard data in Firefox. It could easily be extended to include IE although I don’t have access to a Windows system to test this. There are other solutions to this problem in the form of chrome extensions (e.g. Paste ITC Password & Allow Paste into fields text although I’ve not tested them) and I would assume similar addons are available for the other browsers. Personally I like the simplicity of the bookmarklet. The code is hosted on pastebin if you want to play with it: