

My Email to Paypal - menelaus35

I write this to Paypal after having trouble while changing my password. I don&#x27;t think they&#x27;ll take it seriously but maybe someone here may find it interesting..<p>My email:<p>-------------------------------
Hi,
I&#x27;ve changed my password recently, that&#x27;s ok. The reason I&#x27;m writing not about unresolved issue, it&#x27;s about UX design on password change page. You want to make user to write password without paste. I want to paste it, why do you care? What is the benefit of writing it  for the matter of security? I don&#x27;t name one but maybe you think of something I didn&#x27;t think. Let me tell you something you obviously couldn&#x27;t think while designing page;
 I USE PASSWORD MANAGER! and I WANTED TO MAKE MY PASSWORD MORE SECURE BY GENERATING 20 CHARS LONG PASSWORD. HOW CAN I TYPE IT WITHOUT MAKING MISTAKE ?<p>This was my issue. I solved but not by typing. I open the developer console and inspect your password field. Just change the values by the following code;<p>document.querySelector( &#x27;#pwdID&#x27; ).value = &#x27;MY_LONG_PASSWORD&#x27;;
document.querySelector( &#x27;#retype_password&#x27; ).value = &#x27;MY_LONG_PASSWORD&#x27;;<p>I didn&#x27;t make any mistake and successfully changed my password. I solved my issue but I&#x27;m a developer and I can find this solution. What about a user who is not a developer but assume he&#x2F;she uses password manager like me, what can he&#x2F;she do in that situation?<p>( 
While answering (or just reading) this, please open the same page and type this in that both field without making mistake =ntRKL&lt;@O;&lt;p1[13c%\5 
)<p>Thanks
-------------------------------<p>This is the screenshot for contact form if anyone is wondering:<p>http:&#x2F;&#x2F;imgur.com&#x2F;yNp0RDI
======
mattwritescode
I hope this isn't your paypal password :P

    
    
       =ntRKL<@O;<p1[13c%\5 )

~~~
menelaus35
nope :) ( I tried to make this one as complex as possible with KeePassX )

------
talles
The only time that I thing (note the _I_ ) is legit to restrict pasting is on
an email confirmation field (only on confirmation).

Nowadays your email is more important than your password, and an email is
usually rather simple to type.

------
CookieMuncher
Interesting content,yet the tone could be improved. Thanks for sharing!

For example, "Let me tell you something you obviously couldn't think while
designing page" comes off as condescending.

------
howdoipython
I really hope you don't treat everyone who makes mistakes like this. While the
content is definitely interesting you're being quite demeaning.

~~~
menelaus35
I don't treat anyone like this but I thought maybe they take it seriously if
it's written like this.( not justify it.. ) I don't think anyone at Paypal
offend from this. I didn't mean it while writing actually. If it's too much,
forgive me for not being native english speaker. Anyway, not allowing to paste
seems not ok for a giant tech company Paypal. In my country banks have similar
stupid forms and ways to "protect" people I don't think it's helping but to
day I didn't complain any of them. Because I know almost nobody take it
contact forms like this seriously. For this case I wanted to make it
interesting, maybe it'll get to somebody there.

------
dafnap
Thanks for sharing this!

