The commented out section is a "proper" way to do it. It inserts a new textbox into which you would type your password, then a button to press that hashes the password using the Westpac-provided one time pad and inserts the result into the real password box.

It doesn't work for me and I gave it a shot at fixing it but could not.

Instead I rewrote the bit at the end to just insert the password that's in the source code. This does mean that your password is stored on disk.

// ==UserScript==
// @name Westpac Logon
// @namespace joelhockey.com
// @version 1.4
// @description Fix the Westpac logon page to allow normal password entry
// @include https://online.westpac.com.au/esis/Login/*
// @grant none
// ==/UserScript==

// new submit function
// function newsubmit(event) {

  • // var typedPwd = document.getElementById('pwdinput').value;
    // var pwdFix = ;

    • // for (i = 0; i < 6; i++) {
      // pwdFix += keypadDef['malgm'].charAt(keypadDef['keys'][typedPwd.charAt(i).toUpperCase()]);

// }

  • // document.getElementById('password_temp').value=pwdFix;

    • // // alert("hello");

// }


// window.addEventListener('btn-submit', newsubmit, true);


// // put the pwd box on the screen after username
// var username_temp = document.getElementById('username_temp');
// var pwd = document.createElement('div');
// pwd.innerHTML = '<label>Password</label><input id="pwdinput" name="pwdinput" type="password" value=""/><button type="button" onclick="newsubmit()">DoIt</button>';
// username_temp.parentNode.insertBefore(pwd, username_temp.nextSibling);

// put your username and password here if you want to
// IT IS A SECURITY RISK IF YOU DO!!!
document.getElementById('username_temp').value='44455666';
var pwdfix =
;
var typedPwd = 'hunter2';
// console.log(keypadDef['keys']);
// console.log(keypadDef['malgm']);
for (i = 0; i < 6; i++) {

  • pwdfix += keypadDef['malgm'].charAt(keypadDef['keys'][typedPwd.charAt(i).toUpperCase()]);

}
// console.log(pwdfix);
document.getElementById('password_temp').value=pwdfix;}}}