Oauth2 password copy requires extra chars

POP Peeper: Tech support, suggestions, discussion, etc.
Post Reply
gordon
Posts: 208
Joined: Tue Sep 02, 2008 6:43 pm

Oauth2 password copy requires extra chars

Post by gordon »

When setting up Oauth2, you need to input the password.
If you simply do copy and paste, it will fail.
If you instead copy then enter a few random chars and highlight
those chars with mouse and then paste, it will paste password.
Really non intuitive. :-(
Is this a feature in Oauth2 or PP?

Seems this was previously discussed, but could not find it.
User avatar
mjs
Moderator
Posts: 2216
Joined: Sun Jul 17, 2011 2:36 am

Re: Oauth2 password copy requires extra chars

Post by mjs »

I just re-authorized an account (Yahoo in this case) and was able to paste a copied password (copied from Windows Notepad) into the Yahoo password prompt to successfully process the Oauth2 procedure. To be clear - you are talking about pasting the password (that you have copied from somewhere that you keep a copy) into the Yahoo (in this case) password prompt during the procedure to set Oauth2?

What Email Service are you using? (we can possibly test for the specific Email Service you're using)
Good judgment comes from experience and a lot of that comes from bad judgment. - Will Rogers
gordon
Posts: 208
Joined: Tue Sep 02, 2008 6:43 pm

Re: Oauth2 password copy requires extra chars

Post by gordon »

Yes I copied a password from lastpass and tried to paste it into
outlook.com Oauth2
thanks
mjs wrote: Mon Jul 11, 2022 12:59 pm I just re-authorized an account (Yahoo in this case) and was able to paste a copied password (copied from Windows Notepad) into the Yahoo password prompt to successfully process the Oauth2 procedure. To be clear - you are talking about pasting the password (that you have copied from somewhere that you keep a copy) into the Yahoo (in this case) password prompt during the procedure to set Oauth2?

What Email Service are you using? (I can possibly test for the specific Email Service to see what I get)
User avatar
Jeff
Admin / Developer
Posts: 9227
Joined: Sat Sep 08, 2001 9:46 pm

Re: Oauth2 password copy requires extra chars

Post by Jeff »

I just confirmed a copy/paste with an Outlook account and no problem here. Maybe the problem is what's copied from lastpass? After copying it from there, paste it into notepad and confirm that it's pasting the correct password (edit: with no extra spaces or other "invisible" characters)
gordon
Posts: 208
Joined: Tue Sep 02, 2008 6:43 pm

Re: Oauth2 password copy requires extra chars

Post by gordon »

Jeff wrote: Mon Jul 11, 2022 2:27 pm I just confirmed a copy/paste with an Outlook account and no problem here. Maybe the problem is what's copied from lastpass? After copying it from there, paste it into notepad and confirm that it's pasting the correct password (edit: with no extra spaces or other "invisible" characters)
Yes I tried all that, the copy worked, the problem is pasting to Oauth2
The paste button is greyed out.
This is how I worked around this feature.
1) in the Oauth2 password field, type "0"
2) the password field is no longer greyed out
3) paste password
4) select the first char in the password field using the mouse
5) backspace
6) continue successfully
User avatar
mjs
Moderator
Posts: 2216
Joined: Sun Jul 17, 2011 2:36 am

Re: Oauth2 password copy requires extra chars

Post by mjs »

I can confirm using Outlook.com that the right-click "Paste" option is disabled (even though I have copied the password to the clipboard) and yet I can use the right-click "Paste" option in Notepad to paste the saved password into Notepad numerous times successfully (that I have copied from Notepad). It is interesting that this did not occur when I previously tested (and confirmed once again just now) using Yahoo (the right-click "Paste" function is not disabled when setting OAuth2 in Yahoo).

An easier way to accomplish the "Paste" to the Password prompt is to use "CTRL+V" - simply place your cursor in the Password prompt you get via the Outlook.com dialog when setting OAuth2 and hold down the CTRL+V keys to paste the saved password into the Password prompt (assuming you have copied the correct password directly preceding this so that the correct password is saved on the Windows clipboard).

Screen-shots:
The right-click menu "Paste" option is "greyed out" (disabled) as you state.
The right-click menu "Paste" option is "greyed out" (disabled) as you state.
So by placing the cursor in the Password box prompt and pressing CTRL+V (keyboard shortcut that will paste the contents of the clipboard into any editable field) will get the same results via one step that you doing using several steps. Note: CTRL+C and CTRL+V are common shortcuts for doing a "Copy" and "Paste", respectively.
Attachments
What you get by pressing CTRL+V in the password prompt.
What you get by pressing CTRL+V in the password prompt.
Last edited by mjs on Mon Jul 11, 2022 7:36 pm, edited 1 time in total.
Reason: Edited to correct typo (changed "Copy" to "Paste" in first line)
Good judgment comes from experience and a lot of that comes from bad judgment. - Will Rogers
gordon
Posts: 208
Joined: Tue Sep 02, 2008 6:43 pm

Re: Oauth2 password copy requires extra chars

Post by gordon »

Googling this problem, I found this:
https://www.elevenforum.com/t/general-q ... words.381/

They say blocking copy/paste a password is Microsoft's plan to add security. :-(
User avatar
mjs
Moderator
Posts: 2216
Joined: Sun Jul 17, 2011 2:36 am

Re: Oauth2 password copy requires extra chars

Post by mjs »

Thanks for the feedback gordon - the eleven-forum topic starts out with the comment "Minor issue but really annoying.". Yes, it sure IS!!!

Off-topic a bit:
An MSN (Hotmail account) started spewing invalid password errors in my Email Client this afternoon (after always working just fine before including the entire morning using the same password and still worked to login on the Web). Tried changing the password - no help, finally was forced to generate an "App Password" to get the account to work. And in so doing MS needed a 2nd alternate method to verify me (besides my current alternate email address of record for the account) - so I had to produce two email addresses to get my code to verify and then MS generates a totally new 16 digit "Recovery Code" as well for this email account (to replace my former "Recovery Code" that I wasn't aware of) during the process of generating the "App Password" - all just to get the account to work in the Email Client (that happily worked fine up until just a few hours ago).

The problem is, I guess they've got a staff of people that have nothing to do but dream-up ways to "improve" security that results in making it that much more difficult for users to use their software.... :( While I was going through all of the above - I noticed they're now pushing the use of some kind of "verification code generator" app (as I recall) to be (optionally) used instead of using cell-phone text or email to get verification codes. #-o
Good judgment comes from experience and a lot of that comes from bad judgment. - Will Rogers
Post Reply