security issue in input types

codelevel used Ask the Experts™
what are the security issues in using input type="text" for type="password" apart from masking the characters?
will replacing characters with * using JavaScript should suffice or its better to use type="password"?
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Ok, this is what i know about the password field:

You can use: <input type="password" autocomplete="off" />   to avoid to auto-complete the password, which could be a security issue.

Using Chrome, Go to a website where you have your password saved. Right click on the password field-> inspect Element, then choose console and type: $0.value   <-- it will show you the password ($0 provide the selected element). This could be another issue.

If you really want to give a high level of security, you should Encrypt with an algorithm related with the datetime every character when the user is typing his password, so, the un-encrypted password would never be in the browser memory and could not be catch when it send to the server.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial