[Jason] Some organizations (such as financial institutions) may have good security reasons to disallow password managers. This observation reinforces my view that we need a strong security review of this proposal. It is an issue I’ve followed fairly closely; most modern advice is to allow it: https://www.ncsc.gov.uk/blog-post/let-them-paste-passwords (Official UK Gov advice.) https://www.troyhunt.com/the-cobra-effect-that-is-disabling/ https://www.wired.com/2015/07/websites-please-stop-blocking-password-managers-2015/ I haven’t seen any reason for disabling pasting that has not be myth-busted by one of the above. Cheers, -Alastair
Received on Tuesday, 20 June 2017 15:10:36 UTC