HSBC Bank - Strange "fake" multi-page login, not working

compatibility
#1

HSBC has a strange multi-page experience, that’s not really multi page. The Login URL is https://www.security.us.hsbc.com/gsa/SECURITY_LOGON_PAGE/

You can see basically how it works from the page source.

There are three forms. The first has an ID called usernameForm. The second passwordForm. Those are for the username and password, respectively (along with birthday as an unnecessary secondary piece of information they require). The third form is to use a one-time code. I’m not using that, so ignore that for now.

Kee recognizes the username field and fills it in. When you click submit, it runs some javascript to verify the username. But it doesn’t post back. The response simply hides the first form and makes the second one (passwordForm) visible. This is where Kee fails. It will not fill in any entries in this form. I’ve tried whitelisting the form ID, adding custom matching values, and so on. I think it may keep trying to fill in the first matching form it finds (usernameForm) and isn’t making it to the passwordForm at all, but I’m just speculating.