<div>
Gary<br />
<br />
for #1, i understand they don't want the password stored, but how can they enforce it so that your browser never stores it prefilled in the password box?
</div>


Gary

for #1, i understand they don't want the password stored, but how can they enforce it so that your browser never stores it prefilled in the password box?

<div>
Disable autocomplete<br />
<a href="http://www.w3schools.com/tags/att_input_autocomplete.asp" rel="ugc">http://www.w3schools.com/tags/att_input_autocomplete.asp</a>
</div>


Disable autocomplete
http://www.w3schools.com/tags/att_input_autocomplete.asp [http://www.w3schools.com/tags/att_input_autocomplete.asp]

<div>
<div class="content wysiwyg-content">
Web experts, <br />
<br />
This is a 2 part question<br />
<br />
Question 1a): When I go to my stock broker site, I see that I am never allowed to save the password on my browser. It only saves my account ID and I have to enter my password. Is it the broker's website that doenst allow my browser to save the password or is it just a setting on my browser.<br />
<br />
Question 2a): I visit a particular Https site and see that my session is always logged in as long as I don't close my browser or explicitly log off. I could pull the network cable out of my computer for an hour and then plug it back in and pick up on the site exactly where i left off. am i correct to assume that the site sent me a session cookie that was stored in my browser which had the setting to never expire?
</div>
</div>


Web experts, 

This is a 2 part question

Question 1a): When I go to my stock broker site, I see that I am never allowed to save the password on my browser. It only saves my account ID and I have to enter my password. Is it the broker's website that doenst allow my browser to save the password or is it just a setting on my browser.

Question 2a): I visit a particular Https site and see that my session is always logged in as long as I don't close my browser or explicitly log off. I could pull the network cable out of my computer for an hour and then plug it back in and pick up on the site exactly where i left off. am i correct to assume that the site sent me a session cookie that was stored in my browser which had the setting to never expire?

web server and security - cookies

A Web service is a method of communication between two electronic devices over a network. It is a software function provided at a network address over the Web with the service always on as in the concept of utility computing. A web service has an interface described in Web Services Description Language (WSDL). Other systems interact with the Web service in a manner prescribed by its description using SOAP (Simple Object Access Protocol) messages. There are two major classes of Web services: REST-compliant web services, and Arbitrary web services.

Web Services

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.

Vulnerabilities

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.