Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

BlackBerry® Z10

Reply
Trusted Contributor
Posts: 210
Registered: ‎03-17-2013
My Device: Z-10
My Carrier: T-Mobile

Serious Problem: Password Paste NOT ALLOWED

[ Edited ]

Easily reproduced.

 

1. Go to one of the built-in services you have not activated (e.g. Linked IN, etc)

 

2. Hold down your finger in the EMAIL (login) box.  Note the right sidebar comes up.  If there is no text in the keyboard buffer the paste function will be grayed out, but it's there.  If there IS text in the keyboard buffer you can paste it.

 

3. Now hold down your finger in the PASSWORD box.  Note that the right sidebar DOES NOT come up.  You thus CANNOT paste into the password field.  Clicking the "eye" (to reveal a keyed password) does not change this.

 

This SUCKS and it's a deliberate decision on the part of Blackberry.  They need to fix this pronto as it makes any sort of "password wallet" worthless on the Z-10.

Market Information? Come read The Market Ticker!
Elite II
Posts: 8,978
Registered: ‎01-05-2009
My Device: BlackBerry Z30
My Carrier: Rogers

Re: Serious Problem: Password Paste NOT ALLOWED

I would say it's an improvement in security. I kind of like knowing that someone else can't pick up my phone and login to sites using my passwords.


Just my two cents' worth. Smiley Happy

- If my response has helped you, please click "Options" beside my post and mark it as solved. Clicking the "thumbs up" icon near the bottom of my response would also be appreciated.



Highlighted
Trusted Contributor
Posts: 210
Registered: ‎03-17-2013
My Device: Z-10
My Carrier: T-Mobile

Re: Serious Problem: Password Paste NOT ALLOWED

[ Edited ]

How is that an improvement?

 

You STILL can't pick up someone's phone and login into their sites "using" their passwords as once they're entered you can't see them.

 

This idiocy causes those of us who use pseudo-random password generators where EACH site we sign into has a different password real pain.  It tends to make people's passwords LESS secure, as they will choose something they remember instead.  The entire concept of a "password wallet" (which Blackberry has in its online store, along with others such as KeePass) becomes pointless if you can't paste a password into a password field!

 

This is a clear screw-up on Blackberry's part and they darn well ought to fix it immediately.  It's one that I was talking about back when the Playbook was first released and then the software was updated (the same problem exists there) and yet here we are with the Z-10 and it remains.

 

Strong passwords need to be things that are very difficult to guess.  The best strong passwords are ones that are only used in ONE place, so if the service you use them on fails to implement strong security on THEIR end (which you cannot control) the leak by THEM doesn't harm you beyond their border.  While most people can remember a few long and strong mnenomic passwords it is basically impossible to remember dozens of strong mnenomic passwords and which go with what site or service.  Thus, the best strategy is an encrypted password wallet that generates random VERY strong passwords and which is protected by one very strong, mnemonic password you remember.

 

But this strategy requires that the device permit you to cut and paste said passwords as required into the password fields.  Blackberry intentionally violated that premise and as such has done severe damage to the overall data security of its customers.

 

This is a decision they can and should immediately reverse as it is a massive black mark on what is otherwise an excellent device and operating system.

Market Information? Come read The Market Ticker!
Posts: 95,198
Likes: 24,505
Solutions: 6,380
Registered: ‎04-01-2008
My Device: Passport • Z30 • Z10 • Torch9850 • Playbook
My Carrier: Verizon

Re: Serious Problem: Password Paste NOT ALLOWED

"idiocy"?

I guess you do feel strong about this.



1. If any post helps you please click the Like Button below the post(s) that helped you.
2. Please resolve your thread by marking the post "Solution?" which solved it for you!
3. Install free BlackBerry Protect today for backups of contacts and data.
4. Guide to Unlocking your BlackBerry & Unlock Codes
Join our BBM Channels (Beta)
BlackBerry Support Forums Channel
PIN: C0001B7B4   Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA   Display/Scan Bar Code
Trusted Contributor
Posts: 109
Registered: ‎04-01-2013
My Device: 9900 + Z30 (STA 100-5)
My Carrier: AT&T

Re: Serious Problem: Password Paste NOT ALLOWED

I guess he got really emotional, but I totally support his point of view.
Not only email password, but we cannot paste WEP/WPA2 key? Come on.. Who makes their network password a dictionary word? It is usually very long, either numbers, or some random mix of numbers, characters, etc.. That's really annoying that we cannot paste information into password field.

For site-wise password storage, we will have to push LastPass to come out with BB10 app, and then I wouldn't complain at all...
Trusted Contributor
Posts: 210
Registered: ‎03-17-2013
My Device: Z-10
My Carrier: T-Mobile

Re: Serious Problem: Password Paste NOT ALLOWED

It's stupid, period.

 

Whoever came up with this should be taken out back, fired, and their stock options burned for heat.

 

Whoever failed to fix this knowing it was a problem in the Playbook.... that's inexcusable.  They had two years .

 

This is the sort of thing that does severe damage to app makers too.  If Amazon ever comes out with a native app for the BB10 I won't use it because I can't log in.  I can from the web page, and will.  But I will never use their app until I can paste my password into the app to order.  Today I can't do that because Blackberry blocked it.

 

If you're an app developer it is precisely this sort of stupidity that will drive you away, permanently, because your customers get pissed off and that's bad for business.

Market Information? Come read The Market Ticker!
Trusted Contributor
Posts: 109
Registered: ‎04-01-2013
My Device: 9900 + Z30 (STA 100-5)
My Carrier: AT&T

Re: Serious Problem: Password Paste NOT ALLOWED

ticker,
I am with you on this but sadly once you mentioned Amazon I had to stop you there. The copy/paste functionality will depend on app developer, if they allowed or put it there or not.

Right now I am using Amazon app, sideloaded version, and I can easily paste my password into Amazon App and go shopping.. The only downside of Amazon App (Sideload) that barcode reader does not work.
Trusted Contributor
Posts: 210
Registered: ‎03-17-2013
My Device: Z-10
My Carrier: T-Mobile

Re: Serious Problem: Password Paste NOT ALLOWED

Yes, sideloaded will work as it's an Android app.

 

If they release a NATIVE app it will not work, because the call for a password in the native API will block it.

Market Information? Come read The Market Ticker!
Trusted Contributor
Posts: 109
Registered: ‎04-01-2013
My Device: 9900 + Z30 (STA 100-5)
My Carrier: AT&T

Re: Serious Problem: Password Paste NOT ALLOWED

[ Edited ]

I believe there is a difference between "Native App" and "Blackberry Developed App" or an app that uses BB API.
Applications like Linked In, Browser, etc are developed by Blackberry, it looks like they use default rules.

I just checked, you can paste password in Foursquare (native, OEM) app, TuneIn app, even browser web pages like Yahoo mail, etc..
It looks like while both LinkedIn and Foursquare are built in apps that come by default, they are programmed differently. Maybe because LinkedIn is considered an e-mail account (syncing to hub) and Foursquare is not? Obviously there is a difference, but it is still a major issue not being able to paste e-mail password, or wifi passcode.

I believe you will have no problems with Amazon app when (if ever) it arrives. It looks like natives apps from BB World support password pasting.

Trusted Contributor
Posts: 210
Registered: ‎03-17-2013
My Device: Z-10
My Carrier: T-Mobile

Re: Serious Problem: Password Paste NOT ALLOWED

I can paste into Slacker's password field, so there is clearly a switch somewhere in the API here.

 

This remains something stupid that Blackberry needs to fix.  It made setting up those native apps a royal pain in the butt as all of my passwords for various things are non-duplicated 20-character random strings!

Market Information? Come read The Market Ticker!