Comment 1 for bug 1948970

Can you provide examples of sites that do this?

It sounds like an antipattern, what if I typoed the access code? How does the site know whether to continue automatically? (we could do it by length but that sounds even insecure, as an attacker doesn't necessarily know the length of the code to enter (it's 6 digits, not a big secret) but if we automatically submit once the content of the field hits 6 digits, we're removing this barrier to brute-force attacks, however small.

Some devices, such as Yubikeys, can be programmed to automatically send an ENTER after entering the code, which has the same effect.