Disable clipboard events override in Firefox

Everyone encountered at least once a form that ask you to confirm your password or email address to check you didn't make some mistake when re-typing it.

But it's not rare at all to have those websites overriding the paste JavaScript event to prevent you from copying the previous password and paste and so copying your mistake and make the 2nd check useless.

So it's more safe right?

It's a good idea (or at least a good intention) IF you're typing your password manually.

But a more secure approach is to use a password manager, even better an offline password manager (not cloud based without browser integration) like KeepassXC and to pick a very long and strong password with all those special characters.

But wait a minute! You are disabled to paste anything and your password is so long and complex to write manually, there is a 100% chance you make a mistake by trying to write it manually.

That sucks right? This paste event block is preventing users to use a password manager which is a more secure approach.

Note to web dev: please stop to override paste event on the 2nd field, instead you can still prevent the copy event from the 1st field. It's already a little better.

But we are blocked right? We don't either want to copy the 50 char long password manually nor to stop using our password manager and re-use weak rockyou passwords again.

If you are a Firefox user, good news! I have the solution! We will disable clipboard event override:

  1. Go into about:config
  2. Write dom.event.clipboardevents.enabled
  3. Double click the value to change it from true to false

Now websites can't override any clipboard events!

If you wonder if this trick can break some behavior, I think not. Because, most of the time, clipboard events are used to:

So either way we don't want it. Instead it will even harden your browser a little bit.

Share