Too many dots in Safari password fields












16















Safari 12.0.1 (14606.2.104.1.1) / macOS Mojave 10.14.1 (18B75) / both Mac Mini late 2018 and macBookAir late 2018.



Each time I type a character in a password field, instead of being displayed as a unique dot, it generates lots of dots after a micro-delay. I know it's hard to believe, but in the first example below, I have actually typed one single character; in the second one, two characters:



I have typed ONE character



I have typed TWO characters




  • Same behavior on any web page with a password field.

  • Safari only. No problem on Chrome or Firefox.

  • Asking 1Password to fill in the field works. BTW, I thought 1Password was the culprit, but disabling its extension had no effect.

  • Deleting type="password" with Safari's inspector makes the problem disappear, but of course that reveals the typed characters.


So I am left scratching my head. Any lead?










share|improve this question























  • Does it really matter? Is your password being correctly sent to the server, or is an incorrect string being generated?

    – Carl Witthoft
    Jan 23 at 16:45











  • It's the incorrect string which was generated. For instance, if the shortcut was defined as "foobar ", and my password was "love123" (oops!), the password actually sent to the site was "foobar foobar foobar ... foobar".

    – Aristide
    Jan 23 at 16:56
















16















Safari 12.0.1 (14606.2.104.1.1) / macOS Mojave 10.14.1 (18B75) / both Mac Mini late 2018 and macBookAir late 2018.



Each time I type a character in a password field, instead of being displayed as a unique dot, it generates lots of dots after a micro-delay. I know it's hard to believe, but in the first example below, I have actually typed one single character; in the second one, two characters:



I have typed ONE character



I have typed TWO characters




  • Same behavior on any web page with a password field.

  • Safari only. No problem on Chrome or Firefox.

  • Asking 1Password to fill in the field works. BTW, I thought 1Password was the culprit, but disabling its extension had no effect.

  • Deleting type="password" with Safari's inspector makes the problem disappear, but of course that reveals the typed characters.


So I am left scratching my head. Any lead?










share|improve this question























  • Does it really matter? Is your password being correctly sent to the server, or is an incorrect string being generated?

    – Carl Witthoft
    Jan 23 at 16:45











  • It's the incorrect string which was generated. For instance, if the shortcut was defined as "foobar ", and my password was "love123" (oops!), the password actually sent to the site was "foobar foobar foobar ... foobar".

    – Aristide
    Jan 23 at 16:56














16












16








16


1






Safari 12.0.1 (14606.2.104.1.1) / macOS Mojave 10.14.1 (18B75) / both Mac Mini late 2018 and macBookAir late 2018.



Each time I type a character in a password field, instead of being displayed as a unique dot, it generates lots of dots after a micro-delay. I know it's hard to believe, but in the first example below, I have actually typed one single character; in the second one, two characters:



I have typed ONE character



I have typed TWO characters




  • Same behavior on any web page with a password field.

  • Safari only. No problem on Chrome or Firefox.

  • Asking 1Password to fill in the field works. BTW, I thought 1Password was the culprit, but disabling its extension had no effect.

  • Deleting type="password" with Safari's inspector makes the problem disappear, but of course that reveals the typed characters.


So I am left scratching my head. Any lead?










share|improve this question














Safari 12.0.1 (14606.2.104.1.1) / macOS Mojave 10.14.1 (18B75) / both Mac Mini late 2018 and macBookAir late 2018.



Each time I type a character in a password field, instead of being displayed as a unique dot, it generates lots of dots after a micro-delay. I know it's hard to believe, but in the first example below, I have actually typed one single character; in the second one, two characters:



I have typed ONE character



I have typed TWO characters




  • Same behavior on any web page with a password field.

  • Safari only. No problem on Chrome or Firefox.

  • Asking 1Password to fill in the field works. BTW, I thought 1Password was the culprit, but disabling its extension had no effect.

  • Deleting type="password" with Safari's inspector makes the problem disappear, but of course that reveals the typed characters.


So I am left scratching my head. Any lead?







safari password character 1password






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Jan 22 at 10:17









AristideAristide

531511




531511













  • Does it really matter? Is your password being correctly sent to the server, or is an incorrect string being generated?

    – Carl Witthoft
    Jan 23 at 16:45











  • It's the incorrect string which was generated. For instance, if the shortcut was defined as "foobar ", and my password was "love123" (oops!), the password actually sent to the site was "foobar foobar foobar ... foobar".

    – Aristide
    Jan 23 at 16:56



















  • Does it really matter? Is your password being correctly sent to the server, or is an incorrect string being generated?

    – Carl Witthoft
    Jan 23 at 16:45











  • It's the incorrect string which was generated. For instance, if the shortcut was defined as "foobar ", and my password was "love123" (oops!), the password actually sent to the site was "foobar foobar foobar ... foobar".

    – Aristide
    Jan 23 at 16:56

















Does it really matter? Is your password being correctly sent to the server, or is an incorrect string being generated?

– Carl Witthoft
Jan 23 at 16:45





Does it really matter? Is your password being correctly sent to the server, or is an incorrect string being generated?

– Carl Witthoft
Jan 23 at 16:45













It's the incorrect string which was generated. For instance, if the shortcut was defined as "foobar ", and my password was "love123" (oops!), the password actually sent to the site was "foobar foobar foobar ... foobar".

– Aristide
Jan 23 at 16:56





It's the incorrect string which was generated. For instance, if the shortcut was defined as "foobar ", and my password was "love123" (oops!), the password actually sent to the site was "foobar foobar foobar ... foobar".

– Aristide
Jan 23 at 16:56










1 Answer
1






active

oldest

votes


















36














Found it, my fault. I had recently defined a system-wide shortcut associating the symbol "•" to another string. Worst idea ever! As soon as a dot appeared, it was expanded to several characters, all replaced by dots, and so on. Since I usually use 1Password, I only hit the issue a few days after the fact.



Now there's something on the internet in case somebody makes the same mistake :)






share|improve this answer





















  • 6





    Question can only be marked resolved after a self-answer once 2 days have passed....

    – Roddy of the Frozen Peas
    Jan 22 at 16:05






  • 20





    I'm confused how such shortcuts can even possibly apply to a character that isn't actually typed, only shown on screen.

    – grawity
    Jan 22 at 16:54






  • 3





    If the field's value stays accurate, it seems like a nice mitigation against shoulder surfing. Not a really strong defense, but just another defense.

    – mgarciaisaia
    Jan 22 at 19:12






  • 8





    @mgarciaisaia - I've used software that, if I type hunter2 in the password field, I get an almost random number of "dots" showing up on screen. So typing just h might show ••• then u may show , etc...so the length of the password is not same as length of the obfuscated password showing on the screen. I've always wondered why that's not more widespread.

    – BruceWayne
    Jan 22 at 19:19






  • 14





    Sorry - I only see ******* in your first line. Seems StackExchange is filtering out your password :O

    – mgarciaisaia
    Jan 22 at 19:22











Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "118"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fapple.stackexchange.com%2fquestions%2f349298%2ftoo-many-dots-in-safari-password-fields%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









36














Found it, my fault. I had recently defined a system-wide shortcut associating the symbol "•" to another string. Worst idea ever! As soon as a dot appeared, it was expanded to several characters, all replaced by dots, and so on. Since I usually use 1Password, I only hit the issue a few days after the fact.



Now there's something on the internet in case somebody makes the same mistake :)






share|improve this answer





















  • 6





    Question can only be marked resolved after a self-answer once 2 days have passed....

    – Roddy of the Frozen Peas
    Jan 22 at 16:05






  • 20





    I'm confused how such shortcuts can even possibly apply to a character that isn't actually typed, only shown on screen.

    – grawity
    Jan 22 at 16:54






  • 3





    If the field's value stays accurate, it seems like a nice mitigation against shoulder surfing. Not a really strong defense, but just another defense.

    – mgarciaisaia
    Jan 22 at 19:12






  • 8





    @mgarciaisaia - I've used software that, if I type hunter2 in the password field, I get an almost random number of "dots" showing up on screen. So typing just h might show ••• then u may show , etc...so the length of the password is not same as length of the obfuscated password showing on the screen. I've always wondered why that's not more widespread.

    – BruceWayne
    Jan 22 at 19:19






  • 14





    Sorry - I only see ******* in your first line. Seems StackExchange is filtering out your password :O

    – mgarciaisaia
    Jan 22 at 19:22
















36














Found it, my fault. I had recently defined a system-wide shortcut associating the symbol "•" to another string. Worst idea ever! As soon as a dot appeared, it was expanded to several characters, all replaced by dots, and so on. Since I usually use 1Password, I only hit the issue a few days after the fact.



Now there's something on the internet in case somebody makes the same mistake :)






share|improve this answer





















  • 6





    Question can only be marked resolved after a self-answer once 2 days have passed....

    – Roddy of the Frozen Peas
    Jan 22 at 16:05






  • 20





    I'm confused how such shortcuts can even possibly apply to a character that isn't actually typed, only shown on screen.

    – grawity
    Jan 22 at 16:54






  • 3





    If the field's value stays accurate, it seems like a nice mitigation against shoulder surfing. Not a really strong defense, but just another defense.

    – mgarciaisaia
    Jan 22 at 19:12






  • 8





    @mgarciaisaia - I've used software that, if I type hunter2 in the password field, I get an almost random number of "dots" showing up on screen. So typing just h might show ••• then u may show , etc...so the length of the password is not same as length of the obfuscated password showing on the screen. I've always wondered why that's not more widespread.

    – BruceWayne
    Jan 22 at 19:19






  • 14





    Sorry - I only see ******* in your first line. Seems StackExchange is filtering out your password :O

    – mgarciaisaia
    Jan 22 at 19:22














36












36








36







Found it, my fault. I had recently defined a system-wide shortcut associating the symbol "•" to another string. Worst idea ever! As soon as a dot appeared, it was expanded to several characters, all replaced by dots, and so on. Since I usually use 1Password, I only hit the issue a few days after the fact.



Now there's something on the internet in case somebody makes the same mistake :)






share|improve this answer















Found it, my fault. I had recently defined a system-wide shortcut associating the symbol "•" to another string. Worst idea ever! As soon as a dot appeared, it was expanded to several characters, all replaced by dots, and so on. Since I usually use 1Password, I only hit the issue a few days after the fact.



Now there's something on the internet in case somebody makes the same mistake :)







share|improve this answer














share|improve this answer



share|improve this answer








edited Jan 22 at 17:23

























answered Jan 22 at 10:34









AristideAristide

531511




531511








  • 6





    Question can only be marked resolved after a self-answer once 2 days have passed....

    – Roddy of the Frozen Peas
    Jan 22 at 16:05






  • 20





    I'm confused how such shortcuts can even possibly apply to a character that isn't actually typed, only shown on screen.

    – grawity
    Jan 22 at 16:54






  • 3





    If the field's value stays accurate, it seems like a nice mitigation against shoulder surfing. Not a really strong defense, but just another defense.

    – mgarciaisaia
    Jan 22 at 19:12






  • 8





    @mgarciaisaia - I've used software that, if I type hunter2 in the password field, I get an almost random number of "dots" showing up on screen. So typing just h might show ••• then u may show , etc...so the length of the password is not same as length of the obfuscated password showing on the screen. I've always wondered why that's not more widespread.

    – BruceWayne
    Jan 22 at 19:19






  • 14





    Sorry - I only see ******* in your first line. Seems StackExchange is filtering out your password :O

    – mgarciaisaia
    Jan 22 at 19:22














  • 6





    Question can only be marked resolved after a self-answer once 2 days have passed....

    – Roddy of the Frozen Peas
    Jan 22 at 16:05






  • 20





    I'm confused how such shortcuts can even possibly apply to a character that isn't actually typed, only shown on screen.

    – grawity
    Jan 22 at 16:54






  • 3





    If the field's value stays accurate, it seems like a nice mitigation against shoulder surfing. Not a really strong defense, but just another defense.

    – mgarciaisaia
    Jan 22 at 19:12






  • 8





    @mgarciaisaia - I've used software that, if I type hunter2 in the password field, I get an almost random number of "dots" showing up on screen. So typing just h might show ••• then u may show , etc...so the length of the password is not same as length of the obfuscated password showing on the screen. I've always wondered why that's not more widespread.

    – BruceWayne
    Jan 22 at 19:19






  • 14





    Sorry - I only see ******* in your first line. Seems StackExchange is filtering out your password :O

    – mgarciaisaia
    Jan 22 at 19:22








6




6





Question can only be marked resolved after a self-answer once 2 days have passed....

– Roddy of the Frozen Peas
Jan 22 at 16:05





Question can only be marked resolved after a self-answer once 2 days have passed....

– Roddy of the Frozen Peas
Jan 22 at 16:05




20




20





I'm confused how such shortcuts can even possibly apply to a character that isn't actually typed, only shown on screen.

– grawity
Jan 22 at 16:54





I'm confused how such shortcuts can even possibly apply to a character that isn't actually typed, only shown on screen.

– grawity
Jan 22 at 16:54




3




3





If the field's value stays accurate, it seems like a nice mitigation against shoulder surfing. Not a really strong defense, but just another defense.

– mgarciaisaia
Jan 22 at 19:12





If the field's value stays accurate, it seems like a nice mitigation against shoulder surfing. Not a really strong defense, but just another defense.

– mgarciaisaia
Jan 22 at 19:12




8




8





@mgarciaisaia - I've used software that, if I type hunter2 in the password field, I get an almost random number of "dots" showing up on screen. So typing just h might show ••• then u may show , etc...so the length of the password is not same as length of the obfuscated password showing on the screen. I've always wondered why that's not more widespread.

– BruceWayne
Jan 22 at 19:19





@mgarciaisaia - I've used software that, if I type hunter2 in the password field, I get an almost random number of "dots" showing up on screen. So typing just h might show ••• then u may show , etc...so the length of the password is not same as length of the obfuscated password showing on the screen. I've always wondered why that's not more widespread.

– BruceWayne
Jan 22 at 19:19




14




14





Sorry - I only see ******* in your first line. Seems StackExchange is filtering out your password :O

– mgarciaisaia
Jan 22 at 19:22





Sorry - I only see ******* in your first line. Seems StackExchange is filtering out your password :O

– mgarciaisaia
Jan 22 at 19:22


















draft saved

draft discarded




















































Thanks for contributing an answer to Ask Different!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fapple.stackexchange.com%2fquestions%2f349298%2ftoo-many-dots-in-safari-password-fields%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Probability when a professor distributes a quiz and homework assignment to a class of n students.

Aardman Animations

Are they similar matrix