by Matterrr 2662 days ago
> Open partial-password.github.io & copy-paste your password there.

Sounds like a great idea, let's all paste our bank passwords in this website!

Banks have peculiar ideas about security sometimes. I don't think this partial password business will have a net positive effect (especially if people use "solutions" like these and potentially send their password to a third party).

2 comments

Exactly this. I have the misfortune of occasionally needing to deal with an online banking portal (located in South Africa) that uses this stupid scheme. Every time I log in, I wish an eternity of torture on the idiots who came up with it.

I just cannot imagine the thought process of the people who thought that partial passwords could be better in any way than classic passwords.

Banks especially seem heavily "invested" in finding the biggest/laziest loopholes in security laws that they can and driving forklifts through them for as long as possible.

In the 90s, laws in multiple countries asked banks to research and implement Two-Factor security. They invented all of these stupid, stupid Wish-It-Were-Two-Factor things that are not Two-Factor but "feel Two-Factor enough" to avoid actually deploying proper 2FA, but avoid security fines: "Security Questions" (bonus passwords, still 1FA), multi-step login with "user selected pictures" (not an extra factor, just a silly memory game to potentially cut down on phishing), "partial passwords" (still 1FA).

(Then other idiot sites copy these "security best practices" because Banks use them, rather than actual security best practices.)

It is starting to seem like a lot of the money spent on the development effort of these "not 2FA" workarounds and portal workflows could easily have just paid for sending every bank customer a YubiKey or three by now.

https://github.com/ByteDev/ByteDev.PasswordMask

Similar thing but .NET Windows app.

And yes, pasting your password into some guy's website is ridiculous :p