30+ years of tech, retired from an identity intelligence company, now part-time with an insurance broker.
Dev community mod - mostly light gardening & weeding out spam :)
This is nice :) It would be nicer if both browsers and password managers had common APIs for integrating such tooling, to avoid the human-in-the-loop problem that phishing sites exploit! We are almost there in multiple ways with webauthn in the browser, environment APIs like ssh-agent / keychain / gnome-keyring to hold credentials but only for SSH... close but no cigar :(
FWIW I use KeePassXC which has an auto-type feature that performs a very similar function to passkb, so personally I don't need an integration like this (KeePassXC also has a browser plug-in for FF and Chrome that takes this human out of the loop for getting phished)
If browsers recognise the fact that blocking password paste is bad, they could just implement a shortcut, similar to Ctrl+v/Cmd+v, which would type text from clipboard (or even inject it directly into DOM). I would just rather have this functionality in the core browser rather than some extension for the reasons described in the article.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
This is nice :) It would be nicer if both browsers and password managers had common APIs for integrating such tooling, to avoid the human-in-the-loop problem that phishing sites exploit! We are almost there in multiple ways with webauthn in the browser, environment APIs like ssh-agent / keychain / gnome-keyring to hold credentials but only for SSH... close but no cigar :(
FWIW I use KeePassXC which has an auto-type feature that performs a very similar function to passkb, so personally I don't need an integration like this (KeePassXC also has a browser plug-in for FF and Chrome that takes this human out of the loop for getting phished)
If browsers recognise the fact that blocking password paste is bad, they could just implement a shortcut, similar to
Ctrl+v/Cmd+v
, which would type text from clipboard (or even inject it directly into DOM). I would just rather have this functionality in the core browser rather than some extension for the reasons described in the article.