Input type=password, don't let browser remember the password

input type=password, don't let browser remember the password
html password code
input type=password asterisk
password pattern in html
input type=password change symbol
input type=password css
html password validation
password type

I remember seeing a way to have an <input type="password" /> such that the browser will not prompt the user to save the password. But I'm drawing a blank. Is there an HTML attribute or some JavaScript trick that will do this?

Try using autocomplete="off". Not sure if every browser supports it, though. MSDN docs here.

EDIT: Note: most browsers have dropped support for this attribute. See Is autocomplete="off" compatible with all modern browsers?

This is arguably something that should be left up to the user rather than the web site designer.

Input type=password, don't let browser remember , <input autocomplete="nope"> turns off autocomplete on many other browsers that don't respect. the form's "off", but not for "password" inputs. -->. <input  Input type=password, don't let browser remember the password. I remember seeing a way to have an <input type="password" /> such that the browser will not prompt the user to save the password. But I'm drawing a blank.

<input type="password" autocomplete="off" />

I'd just like to add that as a user I think this is very annoying and a hassle to overcome. I strongly recommend against using this as it will more than likely aggravate your users.

Passwords are already not stored in the MRU, and correctly configured public machines will not even save the username.

How to turn off password and email/username autocomplete. · GitHub, Forms: The PASSWORD type of form input. when the data is actually sent, so don't rely on a password field to actually secure the data. Description. The input element, having the "password" value in its type attribute, represents a field for passwords. Password fields are very much like text fields, with the difference that their value is obscured (generally, by replacing its characters with a meaningless symbol) and users aren't allowed to copy it to the clipboard.

I solved in another way. You can try this.

<input id="passfld" type="text" autocomplete="off" />
<script type="text/javascript">
// Using jQuery
$(function(){                                               
    setTimeout(function(){
        $("input#passfld").attr("type","password");
    },10);
});


// or in pure javascript
 window.onload=function(){                                              
    setTimeout(function(){  
        document.getElementById('passfld').type = 'password';
    },10);
  }   
</script>

#another way

 <script type="text/javascript">    
 function setAutoCompleteOFF(tm){
    if(typeof tm =="undefined"){tm=10;}
    try{
    var inputs=$(".auto-complete-off,input[autocomplete=off]"); 
    setTimeout(function(){
        inputs.each(function(){     
            var old_value=$(this).attr("value");            
            var thisobj=$(this);            
            setTimeout(function(){  
                thisobj.removeClass("auto-complete-off").addClass("auto-complete-off-processed");
                thisobj.val(old_value);
            },tm);
         });
     },tm); 
    }catch(e){}
  }
 $(function(){                                              
        setAutoCompleteOFF();
    });
</script>

// you need to add attribute autocomplete="off" or you can add class .auto-complete-off into the input box and enjoy

Example:

  <input id="passfld" type="password" autocomplete="off" />
    OR
  <input id="passfld" class="auto-complete-off" type="password"  />

Input Type Password In HTML: Here's How To Obfuscate Password , input (type=password) element. If you don't know what an element is or how you must use it, I recommend you read the " HTML  input type=password, don't let browser remember the password (24) One of the joys of working for a government healthcare agency is having to deal with all of the paranoia around dealing with PHI (Protected Health Information).

I tried the following and it seems that works to any browser:

<input id="passfld" type="text" autocomplete="off" />

<script type="text/javascript">
    $(function(){  
        var passElem = $("input#passfld");
        passElem.focus(function() { 
            passElem.prop("type", "password");                                             
        });
    });
</script>

This way is much more safer than using timeout techniques, because it guaranties that the input field will yield to password when the user focuses it.

input (type=password) element, I remember seeing a way to have an <input type="password" /> such that the browser will not prompt the user to save the password. But I'm drawing a blank. Welcome to LinuxQuestions.org, a friendly and active Linux Community. You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features.

As for security issues, here is what a security consultant will tell you on the whole field issue (this is from an actual independent security audit):

HTML Autocomplete Enabled – Password fields in HTML forms have autocomplete enabled. Most browsers have a facility to remember user credentials entered into HTML forms.

Relative Risk: Low

Affected Systems/Devices: o https://*******/

I also agree this should cover any field that contains truly private data. I feel that it is alright to force a person to always type their credit card information, CVC code, passwords, usernames, etc whenever that site is going to access anything that should be kept secure [universally or by legal compliance requirements]. For example: purchase forms, bank/credit sites, tax sites, medical data, federal, nuclear, etc - not Sites like Stack Overflow or Facebook.

Other types of sites - e.g. TimeStar Online for clocking in and out of work - it's stupid, since I always use the same PC/account at work, that I can't save the credentials on that site - strangely enough I can on my Android but not on an iPad. Even shared PCs this wouldn't be too bad since clocking in/out for someone else really doesn't do anything but annoy your supervisor. (They have to go in and delete the erroneous punches - just choose not to save on public PCs).

Input type=password, don't let browser remember , Password field --> Password: <input type="password" value="FakePSW" id="​myInput"> <!-- An element to toggle between password visibility --> <input  I didn’t change the markup as <input type=password /> is perfectly valid. It doesn’t change the type to text, it just doesn’t let you change the styling. It’s locked down somehow. I’ll change the snippet to explain that it only works for text(ish) inputs.

How To Toggle Password Visibility, The <input type="password"> defines a password field (characters are masked). Note: Any forms involving sensitive information like passwords should be  As shown in the duplicate, you don't need the element selector, just the pseudo selector. If you do want to use the element selector, it should be input[type=password]:-ms-reveal { display: none; } – user247702 Sep 23 '13 at 22:52. it still won't work .

HTML input type="password", You don't even need to have a <form> element. Turns out that if you replace <​input type=”password”/> with <input type=”text”/> the browser no longer  The truth is, you can't force the browser to ask. I'm sure the browser has it's own algorithm for guessing if you've entered a username/password, such as looking for an input of type="password" but you cannot set anything to force the browser.

How to workaround browsers 'save password' & 'password , You create a password field by using the <input> element with the type attribute set to password, as follows: <form action="bin/guestbook.php" method="post">  input[type="password"] { -webkit-text-security: disc; } And that's what is replacing the classic middot. I tried setting it to circle or none, but I cannot get something similar to what is shown by other browsers. EDIT: I FOUND A SOLUTION. If you are using "Lucida Sans Unicode" font for your website, that's the problem!

Comments
  • Duplicate of stackoverflow.com/questions/32369/…
  • You can also deliver the page with HTTPS and via HTTP header or META tag prevent caching. That way, the password also won't be stored (at least in Internet Explorer).
  • As regards validation, HTML5 adds the autocomplete attribute to the spec so it is fine now
  • Note for future readers: All major browsers are moving towards ignoring the attribute. (see stackoverflow.com/a/21348793/37706)
  • @RyanDansie thanks for the pointing that out. I've updated the answer. Old answer is ...old.
  • "This is arguably something that should be left up to the user rather than the web site designer." there are both technical and non technical reasons for having this. One-time passwords shouldn't be remembered, for example. Bank sites with "enter first digit of your PIN" is another. Don't forget that a business analyst might decide he wants a password field and remove the choice from the developer.
  • +1 for "don't annoy your users". That's exactly what this kind of feature does. Just like sites that force off caching so the back button clears the form. EXTREMELY irritating.
  • +1 I completely agree. Its for an administrator edit customer profile page where you only enter a password if you intend to change it. That way the administrators don't change the password every time they go to edit the customer's information.
  • It is very useful for credit card number fields. PayPal's form is stored in every browser, and anyone using your computer can re-input all the data, so you have to manually go and delete all remembered fields.
  • On a form where the user can set a password that has nothing to do with their login, enabling autocomplete is actually the more annoying option - the browser may offer to save a password that it can't actually do anything with. Also, if security is a sensitive issue, I wouldn't assume that all public machines are correctly configured.
  • I'm using this for a one time use password. As jrb said, it would be very annoying if the browser stored it.
  • This prevents the browser for storing the password instead of preventing autocompletion which is a better solution in my scenario.
  • Thanks,worked for me on latest chrome Please Note: Used on an internal system where only Chrome is allowed, do more testing if using in production site.
  • @AntoVinish, I hope my last solution work in firefox 40.