View Issue Details

IDProjectCategoryView StatusLast Update
0023611mantisbtsecuritypublic2019-11-18 04:34
Reporterianbamforth Assigned To 
PrioritylowSeverityminorReproducibilityhave not tried
Status acknowledgedResolutionopen 
Product Version2.8.0 
Summary0023611: Disable, or provide config option to disable, autocomplete on login text boxes
Description

Penetration testing tools identify autocomplete as a security issue.

TagsNo tags attached.

Relationships

has duplicate 0026360 closeddregad Avoid storing credentials in login page 

Activities

dregad

dregad

2017-11-09 11:16

developer   ~0058169

You mean setting autocomplete="off" on login page's username field, as per html5 spec ?

Issue History

Date Modified Username Field Change
2017-11-08 11:20 ianbamforth New Issue
2017-11-09 11:16 dregad Note Added: 0058169
2019-11-15 18:20 atrol Relationship added has duplicate 0026360
2019-11-18 04:34 dregad Status new => acknowledged