Bug: OmniWeb enables Secure Input when it shouldn’t


In macOS, there is a feature called Secure Input which, when enabled, blocks Accessibility to the keyboard input to prevent key logging. This feature is typically enabled by an application when the key text field is a password field.

OmniWeb does this, too, as it should. However, sometimes (I could not reproduce when, so far) OmniWeb also enables Secure Input when it shouldn’t (or at least does not disable it again when it should, i.e. when the password text field is no longer the key field). In this case, the only way to end the blocking (at least the only way that I found) is to quit OmniWeb.

This becomes a problem when other apps need the Accessibility feature for their functionality.

For instance, TextExpander is an app which replaces abbreviations with text snippets. It does not work anymore when OmniWeb erroneously enables Secure Input. In this case, TextExpander displays a notification explaining the issue, which is how I found out about the problem.

Here is the notification of TextExpander:

TextExpander Disabled by Secure Input

Secure event input is enabled when you type in a password field (●●●) and in other instances by certain applications. Secure input prevents keylogging malware from recording passwords, but it also prevents snippet expansion.

Secure input was recently enabled by OmniWeb.

If secure input remains enabled after you exit a password field, TextExpander will not be able to expand your snippets. Try quitting the application that enabled secure input.