Page 1 of 1

Trick the browser not to save password

Posted: Sat May 31, 2008 2:44 am
by ado7y2
Hi,

I would like to do something that would block the user from saving the password of my login form in his browser.
(I'm talking about the form, not the session)
Something to trick the browser not to save the password.
It would be cool if it would do it in all the browser, but IE is the most important.

If anyone has any idea how to do this, because it is really hard to find something like that in google (keywords: password save etc..).

Thanks

Re: Trick the browser not to save password

Posted: Sat May 31, 2008 2:55 am
by SomeoneE1se

Code: Select all

autocomplete="off"
??

Re: Trick the browser not to save password

Posted: Sat May 31, 2008 2:58 am
by ado7y2
really? that easy? I didn't know that.
anyways thanks :)

Re: Trick the browser not to save password

Posted: Mon Jun 02, 2008 10:38 am
by pickle
autocomplete is not a standard so there is no way to guarantee a client will listen to it.

I'd suggest giving the password field a random name, like "password_38dk848" or "password_23kd8333". The user will be asked every time if they want to save the password, but unless you re-generate a random password field that they've already seen, that field will not be populated ever.

To read what the user POSTs from that form, just look through $_POST for a field that starts with "password_".

Re: Trick the browser not to save password

Posted: Mon Jun 02, 2008 11:43 am
by ado7y2
thank you, but I think I'll stick to the autocomplete tag.
When I tried it on different browsers it worked (IE7 and firefox), and this way is a lot easier and faster, I don't need that much guarantee.