You have to log in separately using each assigned account number. It’s difficult to remember the account numbers. You’d have to save them somewhere, ideally in a password manager such as KeePass, Bitwarden, or LastPass. You copy the account number from the password manager and paste it on the login page. You’ll receive a one-time passcode by email. You copy and paste it on the next page. So far so good.
Now comes the password part. You can’t copy and paste directly into the password field. The TreasuryDirect website uses this virtual keyboard:
You click on the buttons with your mouse or finger to enter your password. If you follow the recommended practice and use a long password with a mix of letters, numbers, and symbols, it’s painful to click in your long password.
Some password managers can fill in the password automatically (1Password, Keychain on Mac). If your password manager doesn’t, you may be tempted to reset your password to a simpler one just to avoid this pain. Don’t. There’s a workaround.
Remove HTML Attribute
The reason you can’t paste into the password field is that the TreasuryDirect web page instructs your browser to set that field to read-only. If you right-click on the password field and choose “Inspect” in the context menu (it works at least in Chrome and Firefox), you will see this:
<input type="password" autocomplete="off" readonly="readonly" name="password" size="20" maxlength="16" class="pwordinput" value="" data-cip-id="blah blah">
When you double-click in that area and simply remove the part in red, the password field won’t be read-only anymore. Now you can copy and paste your password!
Whether the password field is read-only or not only affects the behavior of your browser. Whether you click on the virtual keyboard or copy and paste your password, the password will be transmitted to TreasuryDirect in the same way.
If you’d like to eliminate the extra steps to right-click and remove the HTML attribute every time you log in, you can use a browser bookmark to automate the task. Create a bookmark in your browser and use this as the URL:
Even if you don’t know anything about coding, you can see this looks for the password field (“pwordinput”) and removes the read-only attribute.
Next time you’re on the password page in TreasuryDirect, click on that bookmark. Nothing visible happens but it removes the read-only attribute from the password field. You can copy and paste your password from the password manager now.
It works the same way as manually removing the HTML attribute. It just happens in one click instead of multiple steps.
If you’re more technical and you already use a browser extension or add-on such as Greasemonkey for Firefox or Tampermonkey for Chrome, you can put a script in the browser extension and eliminate that one click of a bookmark.
Using a browser extension is beyond the scope of this post. Here’s a solution I found on the Internet:
I didn’t test either script. It may not be the only solution or the best one. Inspect and use it at your own risk. Because I don’t log into TreasuryDirect frequently, clicking on a bookmark once per session is easy enough for me.
Say No To Management Fees
If you are paying an advisor a percentage of your assets, you are paying 5-10x too much. Learn how to find an independent advisor, pay for advice, and only the advice.