Page 1 of 1

Webauth: Preventing browsers to store the password

Posted: 16 Sep 2011, 10:24
by cjimenez
We have realized that most users have the username and password stored in the browser so they just have to click the submit button in the login page.

Furthermore, the username and password can be easily seen in the browser settings if the user leaves his computer unattended.

We consider it is obviously a lack of security in our network and we would like to avoid the browser offering to store the password at the login page.

any clue?

Regards.
Carlos Jimenez

Re: Webauth: Preventing browsers to store the password

Posted: 16 Sep 2011, 20:52
by danilovav
I googled just idea regarding <input type="password" autocomplete="off" />
But, there is another idea. By JS on onDocumentLoad you can rename password input and after submit - rename back
Not tested, just idea