CompGuy007
asked on
Do not want browser to remeber username and password for my users
I am working to create a login prompt and I do not want the browser to offer the remember username and password option for the user. I am using a text box for the username field and a password box for the password field. Anytime I use a password box the browser prompts the option whether to remember username and password or not. I would like my users to type in those information each time they login. Is there any way I could use a text box to accept password and mask the characters in that textbox as a password character so that the browser does not prompt the remember username and password option?
Note that autocomplete=“off” may not be a robust solution. It has not worked in Chrome, ostensibly by design, in order to give the choice to use autocomplete to the end-user rather than the developer.
be sure to check the end of the page about the jQuery plugin too
ASKER
I just need a solution of the above problem for Chrome. I have tried the example provided on that tutorial. It does not work on Chrome. I wrote some JavaScript code and that code prevents IE, and Firefox from offering auto-fill but Chrome always offers it. Neither my JavaScript nor the solution provided in the tutorial can stop Chrome from doing the auto-fill.
did you miss my previous comment?
ASKER
@leakim971, I tried the suggestion provided in the bottom of the page. As the author of that tutorial mentions, it does not work in Chrome. That has been my issue. I can get around in other browsers but not in Chrome. I need a solution for Chrome. Did you try that solution in Chrome? Did it work for you? May be I am missing something.
It seems that you cannot solve it that way with Chrome....
So you may want to explore a "bank-like" numeric field which cannot be memorized by the browser
So you may want to explore a "bank-like" numeric field which cannot be memorized by the browser
I mean the jQuery plugin : https://developer.mozilla.org/en-US/docs/Web/Security/Securing_your_site/Turning_off_form_autocompletion#Use_jQuery_disableAutoFill_Plugin
I don't see why it should not work on Chrome as it create a random name
I don't see why it should not work on Chrome as it create a random name
This plugin will randomize input name attribute by default. It will restore back to original field name when submitting form. This is for preventing auto completion for all browsers (includes third-party auto-completeion extensions) not just for Google Chrome.
Hi,
I'm looking for some solution too and I did several tests and found some solutions
Autocomplete off is not working for password input type specially for Firefox.
The way it work is when user save a user password for a url it will always prefil the first input type password of the form with the one saved in browser, if you have more than one user/password saved for that url you won't have the same problem as the browser don't know which one to pull so it don't pull any.
In fact this is worse than that is appear as it also can pulled the username, not only password bullets.
So basically if you have these 3 fields with password type
old pass
new pass
confirm new pass
old pass will be prefilled with bullet
if you change the type to text then
now you will see the saved username in old pass
and new pass will now have the bullet and so on.
This is a real problem, let say you have an admin that want to reset another user password, his saved password from browser will appear in (bullet) in the first password field, even if this is not related to the user you are editing....
Some suggestion:
Having a hidden form field by css this will catch the credential data and leave your fields empty.
Or change your password input type to text input type for your field, this way it won't pull password / user from browser
By changing the password type to text you will removed the bullet also and this will be clear text.
iYou should use an for encryption or using SSL that will at least encrypted the data when sending the data for the server side validation.
This can be ok on change password but not very good for the login page.
This morning I test Use_jQuery_disableAutoFill
I think this should be easier than that to just simulate the bullet on text input field.
Some way to simulate the password type
https://codepen.io/lenamtl/pen/Pyybyw
https://jsfiddle.net/lenamtl/9zrnt8qc/
Another way by blurring the field
https://codepen.io/lenamtl/pen/pxQjwp
We cannot prevent user to save their login credential in Browser and we cannot control what the browser do.
This is a not secure practice to save password in browser (clear text) but there is no way to prevent that.
I'm looking for some solution too and I did several tests and found some solutions
Autocomplete off is not working for password input type specially for Firefox.
The way it work is when user save a user password for a url it will always prefil the first input type password of the form with the one saved in browser, if you have more than one user/password saved for that url you won't have the same problem as the browser don't know which one to pull so it don't pull any.
In fact this is worse than that is appear as it also can pulled the username, not only password bullets.
So basically if you have these 3 fields with password type
old pass
new pass
confirm new pass
old pass will be prefilled with bullet
if you change the type to text then
now you will see the saved username in old pass
and new pass will now have the bullet and so on.
This is a real problem, let say you have an admin that want to reset another user password, his saved password from browser will appear in (bullet) in the first password field, even if this is not related to the user you are editing....
Some suggestion:
Having a hidden form field by css this will catch the credential data and leave your fields empty.
<input type="password" class="ignoreme, hidden">Or change your password input type to text input type for your field, this way it won't pull password / user from browser
By changing the password type to text you will removed the bullet also and this will be clear text.
iYou should use an for encryption or using SSL that will at least encrypted the data when sending the data for the server side validation.
This can be ok on change password but not very good for the login page.
This morning I test Use_jQuery_disableAutoFill
I think this should be easier than that to just simulate the bullet on text input field.
Some way to simulate the password type
https://codepen.io/lenamtl/pen/Pyybyw
https://jsfiddle.net/lenamtl/9zrnt8qc/
Another way by blurring the field
https://codepen.io/lenamtl/pen/pxQjwp
We cannot prevent user to save their login credential in Browser and we cannot control what the browser do.
This is a not secure practice to save password in browser (clear text) but there is no way to prevent that.
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
more info : https://developer.mozilla.org/en-US/docs/Web/Security/Securing_your_site/Turning_off_form_autocompletion