- cross-posted to:
- nonpolitical_memes@lemmy.ml
- cross-posted to:
- nonpolitical_memes@lemmy.ml
You must log in or # to comment.
Just as evil are the pages that don’t let you select text or pictures for copying.
You can’t copy our JPEGs! That’s stealing! If you want to look at these JPEGs whenever you want, you need to register for an account and tag your favorites so we can monitor your viewing habits and sell your personality profile to advertisers and government entities!
I believe you can hold ALT then select on Firefox when that comes up, but I don’t think I’ve seen it in years.
Or training videos that pause if the window playing the video is not the last thing clicked on.
Especially for things like account numbers. No, you’re not increasing security, you idiots, you’re increasing human error!
TBF, I kind of get it. If someone is using a public computer you wouldn’t want someone to be able to sign into a site they left open because they copied their password.
However, this won’t prevent anyone from copying the password into something like notepad and just typing it out. So in the end, it’s useless and makes things less user friendly. Which is what I expect these days.
I suspect the reasoning for it was more along the lines of “if you’re pasting the password, that means you probably saved it in a text file on your desktop or something, and you shouldn’t do that so let’s stop you from doing it”. In reality, it probably didn’t work to make anyone store passwords more securely, and only made life unnecessarily harder for people with password managers
My bank uses a TOTP and they not only block paste, they also block all typing. Instead they popup a modal with a 0-9 digit keypand and the location of each number changes every time.
Effing obnoxious.
That’s a security standard preventing keyloggers from guessing your credentials.
That’s
asecuritystandardtheater pretending to preventingkeyloggers from guessing your credentials.FTFY
The TOTP changes every time. For modern totp hashing I’m not sure how many sequential codes a keylogger would need but I’m guessing more than I will ever enter.
Edit, asked ai for an answer to that because I was curious (maybe it’s right):
Start AI
That being said, if an attacker were able to collect a large number of TOTP codes, they might be able to launch a brute-force attack to try to guess the private key. However, this would require an enormous amount of computational power and time.
To give you an idea of the scale, let’s consider the following:
Assume an attacker collects 1000 TOTP codes, each 6 digits long (a common length for TOTP codes). Assume the private key is 128 bits long (a common length for cryptographic keys). Assume the attacker uses a powerful computer that can perform 1 billion computations per second.Using a brute-force attack, the attacker would need to try approximately 2^128 (3.4 x 10^38) possible private keys to guess the correct one. Even with a powerful computer, this would take an enormous amount of time - on the order of billions of years.
Came here hoping someone would explain how to use dev tools to remove that block or if there an addon for that, really hate this kind of restriction
In about:config, set dom.event.clipboardevents.enabled to false.
On macOS:
Love that Keyboard Maestro has an “Insert Text By Typing” feature/macro where text streams from your cursor :)
I blame browsers
Well, stop. The problem is caused by mid-level managers who think they know better than the Worldwide Web Consortium.
“welcome” :)
