First thing I will say is practices like forcing password changes has proven to be a false economy in turns of security, you get situations like users rotating two passwords and it makes it more likely someone will use a weak password. In addition blocking people saving passwords has also proven a false economy, again it encourages weak passwords to be used if you are having to manually type it in. This is a big reason why chrome developers now have blocked websites from blocking password auto filling. If you also block copy and paste in password field's I suggest you stop that behaviour as well as thats another policy that encourages the use of weak passwords.
With that said I dont let my browser remember passwords for sensitive stuff like banking, however the banks are sensible that they dont enforce false economy practices such as regular password updates and preventing copy and paste.
I dont know the answer to your query other than to use drop down letter selections, that will stop it, but also make it a pain to input all the characters. However what you could do is make it ask for say four random characters, some banks do this, so e.g. characters 3,6,11,17 from the password selectable in drop down selections.