04-01-2013 10:33 AM - edited 04-01-2013 10:34 AM
1. Go to one of the built-in services you have not activated (e.g. Linked IN, etc)
2. Hold down your finger in the EMAIL (login) box. Note the right sidebar comes up. If there is no text in the keyboard buffer the paste function will be grayed out, but it's there. If there IS text in the keyboard buffer you can paste it.
3. Now hold down your finger in the PASSWORD box. Note that the right sidebar DOES NOT come up. You thus CANNOT paste into the password field. Clicking the "eye" (to reveal a keyed password) does not change this.
This SUCKS and it's a deliberate decision on the part of Blackberry. They need to fix this pronto as it makes any sort of "password wallet" worthless on the Z-10.
04-01-2013 10:53 AM
04-01-2013 11:28 AM - edited 04-01-2013 11:43 AM
How is that an improvement?
You STILL can't pick up someone's phone and login into their sites "using" their passwords as once they're entered you can't see them.
This idiocy causes those of us who use pseudo-random password generators where EACH site we sign into has a different password real pain. It tends to make people's passwords LESS secure, as they will choose something they remember instead. The entire concept of a "password wallet" (which Blackberry has in its online store, along with others such as KeePass) becomes pointless if you can't paste a password into a password field!
This is a clear screw-up on Blackberry's part and they darn well ought to fix it immediately. It's one that I was talking about back when the Playbook was first released and then the software was updated (the same problem exists there) and yet here we are with the Z-10 and it remains.
Strong passwords need to be things that are very difficult to guess. The best strong passwords are ones that are only used in ONE place, so if the service you use them on fails to implement strong security on THEIR end (which you cannot control) the leak by THEM doesn't harm you beyond their border. While most people can remember a few long and strong mnenomic passwords it is basically impossible to remember dozens of strong mnenomic passwords and which go with what site or service. Thus, the best strategy is an encrypted password wallet that generates random VERY strong passwords and which is protected by one very strong, mnemonic password you remember.
But this strategy requires that the device permit you to cut and paste said passwords as required into the password fields. Blackberry intentionally violated that premise and as such has done severe damage to the overall data security of its customers.
This is a decision they can and should immediately reverse as it is a massive black mark on what is otherwise an excellent device and operating system.
04-01-2013 12:17 PM
I guess you do feel strong about this.
PIN: C0001B7B4 Display/Scan Bar Code
PIN: C0005A9AA Display/Scan Bar Code
04-01-2013 01:30 PM
04-01-2013 02:15 PM
It's stupid, period.
Whoever came up with this should be taken out back, fired, and their stock options burned for heat.
Whoever failed to fix this knowing it was a problem in the Playbook.... that's inexcusable. They had two years .
This is the sort of thing that does severe damage to app makers too. If Amazon ever comes out with a native app for the BB10 I won't use it because I can't log in. I can from the web page, and will. But I will never use their app until I can paste my password into the app to order. Today I can't do that because Blackberry blocked it.
If you're an app developer it is precisely this sort of stupidity that will drive you away, permanently, because your customers get pissed off and that's bad for business.
04-01-2013 02:33 PM
04-01-2013 03:12 PM
Yes, sideloaded will work as it's an Android app.
If they release a NATIVE app it will not work, because the call for a password in the native API will block it.
04-01-2013 03:38 PM - edited 04-01-2013 03:38 PM
I believe there is a difference between "Native App" and "Blackberry Developed App" or an app that uses BB API.
Applications like Linked In, Browser, etc are developed by Blackberry, it looks like they use default rules.
I just checked, you can paste password in Foursquare (native, OEM) app, TuneIn app, even browser web pages like Yahoo mail, etc..
It looks like while both LinkedIn and Foursquare are built in apps that come by default, they are programmed differently. Maybe because LinkedIn is considered an e-mail account (syncing to hub) and Foursquare is not? Obviously there is a difference, but it is still a major issue not being able to paste e-mail password, or wifi passcode.
I believe you will have no problems with Amazon app when (if ever) it arrives. It looks like natives apps from BB World support password pasting.
04-01-2013 04:10 PM
I can paste into Slacker's password field, so there is clearly a switch somewhere in the API here.
This remains something stupid that Blackberry needs to fix. It made setting up those native apps a royal pain in the butt as all of my passwords for various things are non-duplicated 20-character random strings!