TreasuryDirect Virtual Keyboard Remover


If you use TreasuryDirect, you have doubtless run into the virtual keyboard function that requires to enter your account password using the on-screen keyboard. This is to help prevent your password from being read by other programs that have access to your keyboard. While a noble endeavor, if you are following best practice for complex passwords it quickly becomes a burden to enter.

Instead what we can do is use a UserScript, which will remove the read-only attribute from the password input field allowing the password to be entered using your keyboard, or copy and paste from a password manager such as Keepass or 1Password.

Download the TreasuryDirect Virtual Keyboard Remover from my GitLab repository, install it to your favorite UserScripts browser extension, and enable it.

You can also copy and paste it from here:

    // ==UserScript==
    // @name        TreasuryDirect Virtual Keyboard Remover
    // @namespace   Violentmonkey Scripts
    // @match       https://*.treasurydirect.gov/*
    // @grant       none
    // @version     1.0
    // @author      cg
    // @description 1/11/2023, 3:45:38 AM
    // ==/UserScript==
    document.querySelector(".pwordinput").removeAttribute("readonly")
  

A bit more...

If you are interested in more UserScripts and what they can do for you, take a look at the awesome-userscripts list for more information. You will likely need a browser extension, I use and have tested this with ViolentMonkey.

 WARNING

Take care, especially when using UserScripts on websites that have access to your financial information, and frankly any authentication at all (e.g. entering passwords). If you are not savvy with scripts, and willing to accept the risk, a decent rule of thumb is to take a look at the script and see if any URLs are mentioned other than the service (such as TreasuryDirect.gov in this instance). The presence of such URLs may indicate your data is being sent somewhere else.