-
-
Save nikolaplejic/3654637 to your computer and use it in GitHub Desktop.
| PayPal blocks copy/paste actions in their "change password" form, | |
| citing some irrelevant security issues as the reason. That's a | |
| load of crap, and they know it -- disabling copy/paste makes it a | |
| lot harder to use a decent password generator and a lot easier to | |
| screw up your pwd when retyping, especially if it's a long one | |
| (as it should be!). | |
| So, here's the quick'n'dirty way to use an externally generated | |
| password in your PayPal account: | |
| * open the change password form; | |
| * open up the console in your browser of choice (recent versions | |
| of Firefox: CTRL+Shift+K, Chrome/Chromium: CTRL+Shift+J); | |
| * you should see an input form at the bottom of the console; | |
| copy/paste each of the following lines, replacing the string | |
| "password" with your desired pwd and hitting enter after each | |
| one: | |
| document.getElementById("new_password").value = "password"; | |
| document.getElementById("retype_password").value = "password"; | |
| * close the console by pressing the relevant key combo once | |
| again, submit the form & voilà! |
$("#new_password").val("yournewpassword");
$("#retype_password").val("yournewpassword");
from console works
Update: Same old security theatre, shiny new selector
document.getElementById("pwdID").value = "password";
document.getElementById("retype_password").value = "password";
Must be 8-20 characters.
Here we go again:
document.getElementById("password").value = "password";
document.getElementById("retypepassword").value = "password";
Values are pwdID and retype_password.
And we entrust them to our credit cards? lol
Thanks for the Gist
IDs have changed again. They now are newPassword and confirmNewPassword
I had to tryhard a few document.getElementsByTagName("input")[16].id; to find out. |_|
Thanks for updated IDs!
this should work with all the ids:
var pw = "password";
if (pw.length < 8) { alert("Password too short!\nMin 8 chars!"); return; }
else if (pw.length > 20 { alert("Password too long!\nMax 20 chars!"); return; }
var ids = ["pwdID", "retype_password", "newPassword", "confirmNewPassword", "password", "retypepassword"];
var arrayLength = ids.length;
for (var i = 0; i < arrayLength; i++) {
document.getElementById(ids[i]).value = pw;
}
document.getElementById("change_password").removeAttribute("disabled")
//document.getElementsByName("validatePwdForm")[0].submit();
Apparently PayPal isn't too happy when one calls them and complains about this retarded "security" feature. I believe the fact that I was reading this while on hold didn't help much because they now think I'm intending to "hack the PayPal website if that's even possible"(the consultant's words, not mine). Ah well, I should probably make that payment before I get suspended.