This. One especially infuriating trend appears to be not even using the HTML input box at all, the JavaScript just intercepts the keydown event which then (deliberately?) triggers a slow calculation before eventually rendering a star in the text-field-that-actually-isn't, breaking even "auto type" solutions. So you sit there like an idiot every time you log in, with your password manager open and password unmasked, copying each character, laboriously, one-by-one. I can't fathom how this sort of thing gets by management, who are presumably told it increases security, but then apparently never actually try to use the end product.
Even worse is when the suggestion comes to use an app instead of the website, and then the app comes with its own dedicated keyboard that isn't your own phone's keyboard, because "security" and then they scramble the position of all the letters and numbers, making it even slower.
Even worse is when the suggestion comes to use an app instead of the website, and then the app comes with its own dedicated keyboard that isn't your own phone's keyboard, because "security" and then they scramble the position of all the letters and numbers, making it even slower.