I remember seeing a way to have an <input type="password" />
such that the browser will not prompt the user to save the password. But I'm drawing a blank (its late...). Is there an HTML attribute or some JavaScript trick that will do this?
views:
3379answers:
2
+7
A:
Try using autocomplete="off"
. Not sure if every browser supports it, though. MSDN docs here.
tvanfosson
2009-01-22 07:15:41
note that this will not validate.
Jan Hancic
2009-01-22 07:18:00
Great, now I can go to sleep :)
DavGarcia
2009-01-22 07:29:38
You can also deliver the page with HTTPS and via HTTP header or META tag prevent caching. That way, the password also won't be stored (at least in Internet Explorer).
doekman
2010-04-09 08:55:16
+13
A:
<input type="password" autocomplete="off" />
I'd just like to add that as a user I think this is very annoying and a hassle to overcome. I strongly recommend against using this as it will more than likely aggravate your users.
Passwords are already not stored in the MRU, and correctly configured public machines will not even save the username.
sirlancelot
2009-01-22 07:17:15
+1 for "don't annoy your users". That's exactly what this kind of feature does. Just like sites that force off caching so the back button clears the form. EXTREMELY irritating.
cletus
2009-01-22 07:29:17
+1 I completely agree. Its for an administrator edit customer profile page where you only enter a password if you intend to change it. That way the administrators don't change the password every time they go to edit the customer's information.
DavGarcia
2009-01-22 16:12:59
It is very useful for credit card number fields. PayPal's form is stored in every browser, and anyone using your computer can re-input all the data, so you have to manually go and delete all remembered fields.
HeavyWave
2009-11-16 11:48:47
On a form where the user can set a password that has nothing to do with their login, enabling autocomplete is actually the more annoying option - the browser may offer to save a password that it can't actually do anything with. Also, if security is a sensitive issue, I wouldn't assume that all public machines are correctly configured.
jrb
2010-10-25 10:33:59