Some sites such as British Gas claim the reason they have disabled pasting in passwords is they would loose their security certificate as it exposes them to brute force (hacking) attacks. GE Capital just says “for security reasons”.
Well apparently someone didn’t think this through very well. If people are not going to be allowed to paste in their super secure passwords…guess what is going to happen? They will use a (less secure) password they can remember, which kinda defeats the claim “for security reasons”. Some claim that Malware could be installed by hackers that could intercept the Windows clipboard thus allowing hackers to gain your password in that manner. However, it is much easier for a hacker to put keystroke tracking Malware on someone’s system. Which is why people opt to paste their password or use a password manager.
So now these companies that think they are doing their users a favor by forcing them to type in their password (given the assumption that pasting isn’t secure) are actually making their users less secure…Brilliant!