I hope this is the right place to ask this - it is about security philosophy - not the 1Password software. - I use 1PW as my Password Manager. I have two banking sites I use and use 1PW to bring up the login page for each and to fill in the userid field. I need to provide the passwords to these sites manually because they both provide an on-screen keyboard and mouse click to select characters - to avoid keystroke loggers.
My question is about the effectiveness of this approach to security - presumably this mechanism prevents capture of my password ?
The sites in question - westpac.com.au and ingdirect.com.au have limits on password complexity - westpac password must be 6 alpha-numeric characters in length - at least one numeric digit and ING is worse - must be a four digit number !
Presumably if ever their sites got hacked and the hashed passwords stolen, it would be simple work to get the original passwords.
I'm interested in your opinion about the security approach of these banks have adopted.