same problem. the password complexity rules will make password typing a pain in the neck with ipad onscreen keyboard because of uppercase lowercase and numbers. I guess if the shortcuts list only has one or very few entries then a trojan app could try to paste them into high value websites like yahoo google hotmail and see if get lucky. I would not store online shopping passwords as shortcuts because of the brute force try them all on desireable and commonly used websites hacks. If a password candidate with obvious complexity is found in the clipboard then similar problem. the logic: iff really hard to type = It is a password. So the more complex password requirements imposed by the website, the higher the risk of password being captured and send out to hackers for try this and that. Would need to demand that major websites to move towards iPad and iPhone onscreen keyboard friendly password complexity rules. Apple could stomp its feet on the ground?