Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How does the browser decide which form fields are username/password? [closed]

Tags:

browser

forms

passwords

Modern browsers save passwords. Which criteria affect this decision?

Background:

I have a registration page with the following form:

    <form action="/BlaBla/Account/Register" method="post">
    <div>
        <fieldset>
            <legend>Account Information</legend>
            <p>
                <label for="username">
                    Username:</label>
                <input id="username" name="username" type="text" value="" />
            </p>
            <p>
                <label for="email">
                    Email:</label>
                <input id="email" name="email" type="text" value="" />
            </p>
            <p>
                <label for="invitationCode">
                    Invitation Code:</label>
                <input id="invitationCode" name="invitationCode" type="text" value="" />
            </p>
            <p>
                <label for="securityQuestion">
                    Security question:</label>
                <input id="securityQuestion" name="securityQuestion" type="text" value="" />
            </p>
            <p>
                <label for="securityAnswer">
                    Security answer:</label>
                <input id="securityAnswer" name="securityAnswer" type="text" value="" />
            </p>
            <p>
                <label for="password">
                    Password:</label>
                <input id="password" name="password" type="password" />
            </p>
            <p>
                <label for="confirmPassword">
                    Confirm password:</label>
                <input id="confirmPassword" name="confirmPassword" type="password" />
            </p>
            <p class="buttons">
                <input type="submit" value="Register" />
            </p>
        </fieldset>
    </div>
    </form>

Mozilla seems to think that the fields securityAnswer and password are the user/pw fields, with awkward consequences (security answer stored as username is bad).

like image 563
spender Avatar asked Oct 06 '09 01:10

spender

People also ask

How do browsers remember passwords?

All modern web browsers come with a built-in password manager that offers to store your login credentials, with varying degrees of security encryption. For instance, user passwords on Chrome are protected by AES encryption, and the encryption key is secured by a separate API, which is the Windows Data Protection API.

Where does browser stored passwords?

The encrypted passwords are stored in a sqlite database located at "%APPDATA%\.. \Local\Google\Chrome\User Data\Default\Login Data".

Which method would be more appropriate in the form where a user enters a password such as a login form?

Note: Any forms involving sensitive information like passwords (such as login forms) should be served over HTTPS. Many browsers now implement mechanisms to warn against insecure login forms; see Insecure passwords.

2 Answers

I'd guess it assumes the field above 'password' is the username. You could try re-ordering them.

like image 75
Noon Silk Avatar answered Sep 28 '22 08:09

Noon Silk

Also, Internet Explorer's "remember password" feature doesn't remember your passwords if you have more than 2 fields in your form.

like image 45
Sriranga Chidambara Avatar answered Sep 28 '22 10:09

Sriranga Chidambara
Sign in to Comment

Related questions

How to Auto-Resize a DIV with CSS while keeping Aspect Ratio?
How to get entity or pass variable to Symfony2 twig form widget?
Send/Include 'name' field to Mailchimp using API with AJAX
Angular forms with ng-switch
On submit form, return false not working
How to clearly label the formats for numeric input for screen readers?
Why is the Delphi main form WindowState returned as "wsNormal" when the window is minimized?
How to make maxlength attribute accessible?
What is the correct places for parameters in OKHttp in a multipart form call?
How to keep the previous uploaded image (in db) after submitting a form without selecting a new image to be uploaded
Setting cookies with form input
Wordpress - Get an image using the media library
Is it possible to have an Angular 2 formGroup without a form tag?
How to trigger change() in a angular form by a custom control without an input
AngularJS - exclude field from form validation / dirty
Angular 5 Set default value on template driven form input
Conditional Form Field in Django wizard form
Clear Formik field with initial value React
How to Test Standard HTML Forms
How to remove size property from input generated by text_field?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!