
How does the "Remember my password" checkbox work?

There are numerous login forms with the little check box "Remember my password" so that the next time you visit the website, the browser automatically fills up the password field for you.

But I have noticed a behavior in modern browsers, such as Chrome/Firefox, which shows up a notification bar to save the user name/password even though that particular web page does not have any "remember password" check box.

So my questions are:

  1. If I have to put the "remember password" check box in a login form, what do I have to do when the user checks it? I mean, do I have to store the password in browser cookies (or Local Storage)? If so, should the password be encrypted or plain text?
  2. The "Save password" notification bar is a browser's functionality or is there any way to invoke it from the web page?
Veera asked Dec 27 '10 11:12


People also ask

How does remember me checkbox work?

Clicking the “Remember Me” box tells the browser to save a cookie so that if you close out the window for the site without signing out, the next time you go back, you will be signed back in automatically. Make sure that you have your browser set to remember cookies, or this function will not work.

How Remember Me feature works?

The remember-me feature typically works by generating a unique cookie, associating it with the user in the database, and adding a persistent cookie (i.e. a cookie which is saved on disk by the browser) to the response once the user is logged in.

Does Remember me save password?

The Remember Me checkbox only saves the User ID, and not the Password.

What does it mean remember me in login?

Some web applications may need a "Remember Me" functionality. This means that, after a user login, the user will have access from the same machine to all of their data even after the session has expired. This access will be possible until the user logs out.


1 Answer

The "save password" part comes from the browser's password manager whenever it sees an <input type="password"> that looks like it really is asking for a password. You can use the autocomplete attribute to suppress this in most browsers:

<input type="password" name="password" autocomplete="off"> 

This won't validate but that usually doesn't matter.

The "remember me" part is completely separate from the browser's password manager. The "remember me" flag is the server's business and all it does is fiddle with the expiry date on the cookie that it sends back. The server will always send a cookie back (unless they're not using cookies for tracking sessions but that's rare and wouldn't need a "remember me" anyway) with something inside it to identify the client user.

If you check "remember me" then you're telling the server that you want a persistent session. To achieve this, the server will include an expiry date with the cookie and that expiry date will be some time in the future. When the date arrives, the browser will expire and delete the cookie; without the cookie, the server won't know who you are anymore and you'll have to log in again.

If you don't check "remember me" then you'll get a session cookie. Session cookies don't have expiry dates on them so automatically expire when the browser exits. Session cookies are useful for shared machines.

Executive summary:

  • "Save password" is from the browser's password manager.
  • "Remember me" is about the login cookie's expiry time.

Sorry to be so long-winded but there seems to be some confusion and a lack of clarity in the other answers.

mu is too short answered Oct 03 '22 05:10
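
The cookie behaviour described in the answer above, as an added example that is not part of the original answer: the server stores a random token (never the password) and only adds a lifetime to the cookie when "remember me" is checked. The cookie name `sid`, the in-memory `SESSIONS` table and the 30-day lifetime are assumptions made for illustration.

```python
import hashlib
import secrets
import time
from http.cookies import SimpleCookie

REMEMBER_SECONDS = 30 * 24 * 3600  # assumed "remember me" lifetime
SESSIONS = {}  # sha256(token) -> (user_id, expires_at or None); stand-in for a DB table


def issue_login_cookie(user_id, remember_me, now=None):
    """Return the Set-Cookie header value to send after a successful login."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # random identifier, not the password
    digest = hashlib.sha256(token.encode()).hexdigest()
    # Only the hash is stored, so a leaked table does not yield usable cookies.
    SESSIONS[digest] = (user_id, now + REMEMBER_SECONDS if remember_me else None)

    cookie = SimpleCookie()
    cookie["sid"] = token
    morsel = cookie["sid"]
    morsel["path"] = "/"
    morsel["httponly"] = True   # not readable from page scripts
    morsel["secure"] = True     # sent over HTTPS only
    morsel["samesite"] = "Lax"
    if remember_me:
        # Persistent cookie: the browser keeps it until the lifetime runs out.
        morsel["max-age"] = REMEMBER_SECONDS
    # With no Max-Age/Expires this is a session cookie, dropped on browser exit.
    return morsel.OutputString()


def user_for_cookie(cookie_header, now=None):
    """Map a request's Cookie header back to a user id, or None."""
    now = time.time() if now is None else now
    jar = SimpleCookie()
    jar.load(cookie_header)
    if "sid" not in jar:
        return None
    digest = hashlib.sha256(jar["sid"].value.encode()).hexdigest()
    record = SESSIONS.get(digest)
    if record is None:
        return None
    user_id, expires_at = record
    if expires_at is not None and now >= expires_at:
        del SESSIONS[digest]  # enforce the expiry on the server as well
        return None
    return user_id
```

A real deployment would also give non-remembered sessions a server-side idle timeout; this sketch leaves that out.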