Webauth: Preventing browsers to store the password

Security Gateway Discussions
Post Reply
cjimenez
Posts: 5
Joined: 09 Sep 2008, 09:56

Webauth: Preventing browsers to store the password

Post by cjimenez » 16 Sep 2011, 10:24

We have realized that most users have the username and password stored in the browser so they just have to click the submit button in the login page.

Furthermore, the username and password can be easily seen in the browser settings if the user leaves his computer unattended.

We consider it is obviously a lack of security in our network and we would like to avoid the browser offering to store the password at the login page.

any clue?

Regards.
Carlos Jimenez

danilovav
Posts: 181
Joined: 10 May 2009, 08:16
Location: Moscow, Russia
Contact:

Re: Webauth: Preventing browsers to store the password

Post by danilovav » 16 Sep 2011, 20:52

I googled just idea regarding <input type="password" autocomplete="off" />
But, there is another idea. By JS on onDocumentLoad you can rename password input and after submit - rename back
Not tested, just idea
BR, Alexandr Danilov

Post Reply