0023611: Disable, or provide config option to disable, autocomplete on login text boxes

ID	Project	Category	View Status	Date Submitted	Last Update
0023611	mantisbt	security	public	2017-11-08 11:20	2022-10-11 12:55

Reporter	ianbamforth	Assigned To
Priority	low	Severity	minor	Reproducibility	have not tried
Status	acknowledged	Resolution	open
Product Version	2.8.0

Summary	0023611: Disable, or provide config option to disable, autocomplete on login text boxes
Description	Penetration testing tools identify autocomplete as a security issue.
Tags	No tags attached.

has duplicate	0026360	closed	dregad	Avoid storing credentials in login page
related to	0031118	new		Current Password field is filled with browser autofill setting.

dregad 2017-11-09 11:16 developer ~0058169	You mean setting `autocomplete="off"` on login page's username field, as per html5 spec ?