Menu
Saving and auto-filing of username/password is a feature of most modern browsers. And the user can generally choose to disable this feature on a per domain basis. But is there a standard way for the site itself to prevent password caching?
The emphasis here is cross-browser, so I would employ multiple parallel mechanisms if necessary.
(I have seen caching be effectively disabled in the presence of non-standard login fields, eg, an extra hidden password field. But I'd rather not depend on side-effects whose behavior could unexpectedly change in the future.)
Conversely, are there browsers/versions out there that implement password caching without any disable feature?
275
Cached passwords are credentials used by Windows systems in the event the system cannot contact a Domain Controller. In that event, the system will compare any credential supplied, with a cached version of the same.
All modern web browsers come with a built-in password manager that offers to store your login credentials, with varying degrees of security encryption. For instance, user passwords on Chrome are protected by AES encryption, and the encryption key is secured by a separate API, which is the Windows Data Protection API.
In Internet Explorer, select the Tools button , and then select Internet options. On the Content tab, under AutoComplete, select Settings. Select the User names and passwords on forms check box, and then select OK. To turn off password saving, clear the User names and passwords on forms check box.
Add autocomplete="off" to your <input> elements. Works in all modern browsers, IIRC.
195
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
