Here is the text of the NIST sp800-63b Digital Identity Guidelines.

  • @[email protected]
    link
    fedilink
    English
    6912 hours ago

    How about making it illegal to block copying and pasting on website forms. I’m literally more likely to make a mistake by typing a routing number than copying and pasting it. The penalty for should be death by firing into the sun to anyone caught implementing any such stupidity.

    • @[email protected]
      link
      fedilink
      English
      5111 hours ago

      Frankly I’m mostly annoyed that my browser allows web sites to block cut and paste, ever. I am capable of making my own decisions over whether I want to cut and paste.

      There are plugins that will disallow this. I think the one I use is “don’t fuck with paste”

      • @[email protected]
        link
        fedilink
        English
        45 hours ago

        Browsers shouldn’t allow half of the stuff that they allow. You have to do the same thing not just with copy and paste, but also searching on the page with ctrl + f. Like I don’t care that websites won’t to create their own experience. Don’t mess with browser behavior.

        • @[email protected]
          link
          fedilink
          English
          01 hour ago

          You really want to memorise different shortcuts for search? What if you’re on a web app like discord? Ctrl+f isn’t gonna be as useful as a built in search solution that has access to data that isn’t visible until searched for. I get the issues on disabling the features but if they’re replacing browser behaviour with something that suits the site better I think that’s alright as long as it’s not s downgrade.

      • dual_sport_dork 🐧🗡️
        link
        fedilink
        English
        97 hours ago

        Ooh, ooh. And for implementing any Javascript or jQuery or whatever that pops up some kind of smarmy message when you right click: Believe it or not, straight to jail.

        Plus, that kind of thing is not going to prevent anyone from scraping images from anywhere if they have the capability to lift a finger to press F12.

        • @[email protected]
          link
          fedilink
          English
          11 hour ago

          It won’t block it yes but it will diminish the amount of people doing it which is the point

        • @[email protected]
          link
          fedilink
          English
          2
          edit-2
          6 hours ago

          Exactly.

          My host decided to update their TOS to force me to accept binding arbitration, so I Inspect Elemented that right off the page and sent a message to support to end my service effective immediately (had been a paying customer for years). You’re not going to bully me on my own browser…

      • atocci
        link
        fedilink
        English
        1110 hours ago

        Anger is no excuse to be inefficient with propellant after all

        • @[email protected]
          link
          fedilink
          English
          16 hours ago

          Idk, it might delay the sun imploding a smidge. Or maybe it would accelerate it. Eh, they know what they’re doing…

    • Daemon Silverstein
      link
      fedilink
      English
      1312 hours ago

      I circumvent that by right-clicking, then choosing “Inspect element”, then switching to the tab “Console”, then typing $0.value = “TheValueIWantToPaste”. If right-clicking is also disabled, I use either F12 or Tools menu > DevTools.

          • @[email protected]
            link
            fedilink
            English
            38 hours ago

            And here I wrote an AutoHotKey script to type out my clipboard a character at a time so I can paste stuff into this remote desktop software I’m using that doesn’t support paste…

            It’s kinda necessary when the server’s unlock password is 256 characters long and completely random.

            • @[email protected]
              link
              fedilink
              English
              17 hours ago

              if it’s citrix you used to be able to modify the local connection config file to allow access to the clipboard regardless of what the server allowed.

              been a few years since I needed to do it, but it was possible at one time.

      • @[email protected]
        link
        fedilink
        English
        16 hours ago

        Or just delete the “readonly” bit. I did that on Treasury Direct for years until they finally removed that nonsense.

        • Daemon Silverstein
          link
          fedilink
          English
          16 hours ago

          Sometimes it’s not “readonly”, but a Javascript thing that “event.preventDefault()” and “return false” during the “onpaste” event. As the event is generally set using elm.addEventListener instead of setting elm.onpaste, it’s not possible to remove the listener, as it’d need the reference for the handler function that was set to handle the mentioned JS event. So simply setting the value directly using elm.value bypasses the onpaste event.

          • @[email protected]
            link
            fedilink
            English
            26 hours ago

            That’s fair, not sure why they’d go through that much effort when DOM attributes exist.