The commented out section is a "proper" way to do it. It inserts a new textbox into which you would type your password, then a button to press that hashes the password using the Westpac-provided one time pad and inserts the result into the real password box.

It doesn't work for me and I gave it a shot at fixing it but could not.

Instead I rewrote the bit at the end to just insert the password that's in the source code. This does mean that your password is stored on disk.

{{{// ==UserScript== // @name Westpac Logon // @namespace joelhockey.com // @version 1.4 // @description Fix the Westpac logon page to allow normal password entry // @include https://online.westpac.com.au/esis/Login/* // @grant none // ==/UserScript==

// new submit function // function newsubmit(event) {

• // var typedPwd = document.getElementById('pwdinput').value;

  // var pwdFix = ;

  • // for (i = 0; i < 6; i++) { // pwdFix += keypadDef['malgm'].charAt(keypadDef['keys'][typedPwd.charAt(i).toUpperCase()]);

// }

• // document.getElementById('password_temp').value=pwdFix;
  • // // alert("hello");

// }

// window.addEventListener('btn-submit', newsubmit, true);

// // put the pwd box on the screen after username // var username_temp = document.getElementById('username_temp'); // var pwd = document.createElement('div'); // pwd.innerHTML = '<label>Password</label><input id="pwdinput" name="pwdinput" type="password" value=""/><button type="button" onclick="newsubmit()">DoIt</button>'; // username_temp.parentNode.insertBefore(pwd, username_temp.nextSibling);

// put your username and password here if you want to // IT IS A SECURITY RISK IF YOU DO!!! document.getElementById('username_temp').value='44455666'; var pwdfix = ; var typedPwd = 'hunter2'; console.log(keypadDef['keys']); console.log(keypadDef['malgm']); for (i = 0; i < 6; i++) {

• pwdfix += keypadDef['malgm'].charAt(keypadDef['keys'][typedPwd.charAt(i).toUpperCase()]);

} // console.log(pwdfix); document.getElementById('password_temp').value=pwdfix;}}}