I see nothing wrong with copy/paste. On Android it is a security risk, because apps can get notified and wake up when it happens, but Keepass2Android that I mentioned provides a keyboard for input which works better than 1Password.

And on desktops, I just don't think it's a real threat. Bruce Schneider doesn't thinks so either, while at the same time he recommends against auto-fill: https://www.schneier.com/blog/archives/2014/09/security_of_p...

But even so, KeeWeb and KeePass give you this "auto-type" facility that types the password for you in any password field, without going through copy/paste. It's not much, but it works if you're worried.

There are browser extensions that interface with KeePass to do what you are asking.

I don't use them, I simply use KeePass' autotype feature.

I'd like to see websites make copy/paste easier by allowing you to enter user name and password in a combined field. Have separate fields that can be used the normal way, but also allow submission with the username field left blank and the password field containing username:password.

For example, Lastpass recently had an exploit in their extension: https://news.ycombinator.com/item?id=12171547