• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 214
  • Last Modified:

security issue in input types

what are the security issues in using input type="text" for type="password" apart from masking the characters?
will replacing characters with * using JavaScript should suffice or its better to use type="password"?
2 Solutions
Hans LangerCommented:
Ok, this is what i know about the password field:

You can use: <input type="password" autocomplete="off" />   to avoid to auto-complete the password, which could be a security issue.

Using Chrome, Go to a website where you have your password saved. Right click on the password field-> inspect Element, then choose console and type: $0.value   <-- it will show you the password ($0 provide the selected element). This could be another issue.

If you really want to give a high level of security, you should Encrypt with an algorithm related with the datetime every character when the user is typing his password, so, the un-encrypted password would never be in the browser memory and could not be catch when it send to the server.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Become a Leader in Data Analytics

Gain the power to turn raw data into better business decisions and outcomes in your industry. Transform your career future by earning your MS in Data Analytics. WGU’s MSDA program curriculum features IT certifications from Oracle and SAS.  

Tackle projects and never again get stuck behind a technical roadblock.
Join Now