[aur-dev] [PATCH] Let the user verify their email address
On registering and updating an email address, the user has to type their
email address twice. Do not allow autocomplete and pasting in the
verification field.
Fixes FS#45792.
Signed-off-by: Marcel Korpel
* Marcel Korpel
+<script> +var verify_field = document.getElementById('id_email_verify'); +verify_field.addEventListener('paste', function (e) { + e.preventDefault(); +}, false); +</script>
Note that this (ugly) hack currently does not work in Firefox, it allows copy-pasting anyway, making this verification completely useless.
On Mon, 17 Aug 2015 00:54:54 +0200
Marcel Korpel
On registering and updating an email address, the user has to type their email address twice. Do not allow autocomplete and pasting in the verification field.
Please, do NOT forbid pasting in any field! Some of us (many, perhaps?) use information managers for passwords, usernames, and emails that paste or type such things in for us, specifically so that we do not get things wrong typing them in ourselves. -- ~Celti
* "Patrick Burroughs (Celti)"
On Mon, 17 Aug 2015 00:54:54 +0200 Marcel Korpel
wrote: On registering and updating an email address, the user has to type their email address twice. Do not allow autocomplete and pasting in the verification field.
Please, do NOT forbid pasting in any field! Some of us (many, perhaps?) use information managers for passwords, usernames, and emails that paste or type such things in for us, specifically so that we do not get things wrong typing them in ourselves.
I completely understand your frustration, I really hate it, too, but to let someone confirm their email address allowing copy-pasting would make the check useless. Then we can just drop this patch and live with FS#45792. Any thoughts on this?
On Sun, Aug 16, 2015 at 7:04 PM, Marcel Korpel
* "Patrick Burroughs (Celti)"
(Sun, 16 Aug 2015 15:59:38 -0700): On Mon, 17 Aug 2015 00:54:54 +0200 Marcel Korpel
wrote: On registering and updating an email address, the user has to type their email address twice. Do not allow autocomplete and pasting in the verification field.
Please, do NOT forbid pasting in any field! Some of us (many, perhaps?) use information managers for passwords, usernames, and emails that paste or type such things in for us, specifically so that we do not get things wrong typing them in ourselves.
I completely understand your frustration, I really hate it, too, but to let someone confirm their email address allowing copy-pasting would make the check useless. Then we can just drop this patch and live with FS#45792.
Any thoughts on this?
As far as I am concerned, do whatever you want. Lastpass overrides the autocomplete=off setting, anyway. -- Eli Schwartz
On Sun 16 Aug 2015 19:24 -0400, Eli Schwartz wrote:
On Sun, Aug 16, 2015 at 7:04 PM, Marcel Korpel
wrote: * "Patrick Burroughs (Celti)"
(Sun, 16 Aug 2015 15:59:38 -0700): On Mon, 17 Aug 2015 00:54:54 +0200 Marcel Korpel
wrote: On registering and updating an email address, the user has to type their email address twice. Do not allow autocomplete and pasting in the verification field.
Please, do NOT forbid pasting in any field! Some of us (many, perhaps?) use information managers for passwords, usernames, and emails that paste or type such things in for us, specifically so that we do not get things wrong typing them in ourselves.
I completely understand your frustration, I really hate it, too, but to let someone confirm their email address allowing copy-pasting would make the check useless. Then we can just drop this patch and live with FS#45792.
Any thoughts on this?
As far as I am concerned, do whatever you want. Lastpass overrides the autocomplete=off setting, anyway.
I'd prefer not to add ugly javascript hacks that only work in one or another browser that only serves to babysit users.
On Mon, 17 Aug 2015 at 02:42:31, Loui Chang wrote:
On Sun 16 Aug 2015 19:24 -0400, Eli Schwartz wrote:
On Sun, Aug 16, 2015 at 7:04 PM, Marcel Korpel
wrote: [...] I completely understand your frustration, I really hate it, too, but to let someone confirm their email address allowing copy-pasting would make the check useless. Then we can just drop this patch and live with FS#45792.
Any thoughts on this?
As far as I am concerned, do whatever you want. Lastpass overrides the autocomplete=off setting, anyway.
I'd prefer not to add ugly javascript hacks that only work in one or another browser that only serves to babysit users.
Agreed, we should not dictate whether the user can copy-paste data or not. The duplicate field makes it clear that it is important to get the email address right. If a user decides to bypass the check, so be it. I wonder whether, instead of (in addition to?) this patch, we should add a notice that getting the email address right is very important and that you will be locked out without any chance to recover if you make a typo.
* Lukas Fleischer
On Mon, 17 Aug 2015 at 02:42:31, Loui Chang wrote:
On Sun 16 Aug 2015 19:24 -0400, Eli Schwartz wrote:
On Sun, Aug 16, 2015 at 7:04 PM, Marcel Korpel
wrote: [...] I completely understand your frustration, I really hate it, too, but to let someone confirm their email address allowing copy-pasting would make the check useless. Then we can just drop this patch and live with FS#45792.
Any thoughts on this?
As far as I am concerned, do whatever you want. Lastpass overrides the autocomplete=off setting, anyway.
I'd prefer not to add ugly javascript hacks that only work in one or another browser that only serves to babysit users.
Agreed, we should not dictate whether the user can copy-paste data or not. The duplicate field makes it clear that it is important to get the email address right. If a user decides to bypass the check, so be it.
Phew, actually I'm glad you dislike this stupid behaviour.
I wonder whether, instead of (in addition to?) this patch, we should add a notice that getting the email address right is very important and that you will be locked out without any chance to recover if you make a typo.
I'm more in favour of a message only, entering email addresses twice is a nuisance and if you can copy-paste the data, it doesn't serve a purpose other then to frustrate a user (I fear lots of people don't understand the meaning of the same field twice). Instead showing a notice seems better to me, though it doesn't look that nice: https://ptpb.pw/em7S.png Suggestions?
On Mon 17 Aug 2015 09:53 +0200, Marcel Korpel wrote:
I'm more in favour of a message only, entering email addresses twice is a nuisance and if you can copy-paste the data, it doesn't serve a purpose other then to frustrate a user (I fear lots of people don't understand the meaning of the same field twice).
Instead showing a notice seems better to me, though it doesn't look that nice: https://ptpb.pw/em7S.png
Looks good to me.
participants (5)
-
Eli Schwartz
-
Loui Chang
-
Lukas Fleischer
-
Marcel Korpel
-
Patrick Burroughs (Celti)