simulate password box

@jriskenMar 17.2010

There are situations where I want autocomplete to work for a user’s name and password, and situations where I don’t. In Firefox, even with autocomplete off, once the user fills in his name, the browser supplies the password field filled out.

I would like to be able to simulate the just-print-asterisks behavior of the input-password form element in an input-text box so as not to trigger the browser’s ‘helpful’ behavior. Does anyone have a little JS snippet that will do this?

to post a comment

JavaScript

16 Comments(s) _↴

@JMRKERMar 17.2010 — #See if this helps: http://www.petefreitag.com/item/481.cfm

@jriskenauthorMar 18.2010 — #Let me state the problem more completely: In my application I want people to be able to use autocomplete once, when they first attempt to log in. But on subsequent attempts, or when they have timed out through inactivity and are re-logging on a different screen, I don't want autocompletion to work (Think multi-user public computers). Since the browser has already stored a password, even though I have turned off autocompletion on this second screen, if the (perhaps next and unauthorized) user guesses the name of the previous log-in, the browser still provides the stored password. I suspect this mechanism is built around the password-type input element, and so I want to eliminate that on my secondary login screen.

@FangMar 18.2010 — #Generate a random [I]name [/I]for the password field. The server program can easily store and read the value.

@jriskenauthorMar 18.2010 — #Tried that of course. Firefox seems not to care about the [I]name[/I] of the element, only that it is of type password. So, for example, I logged in and asked Firfox to remember the password I had types. Then wen to the app and changed the name of the password element. After relaoding the app I tried logging in again - and Firefox was obsessive enough to provide the password anew to the newly-named box.

@criterion9Mar 18.2010 — #Have you tried using a random string for the name of the "username" field or whatever you call it? That should confuse FF enough to not provide the password.

@FangMar 18.2010 — #There is an exception when autocomplete will not work: https://developer.mozilla.org/En/How_to_Turn_Off_Form_Autocompletion#Exceptions_and_Recommended_Workarounds

@jriskenauthorMar 18.2010 — #@criterion

You'd think so, but it does not - at least not in my tests.

@jriskenauthorMar 18.2010 — #Wow. I thought you were really on to something there. After reading the info I tried renaming the form, the input box, and the password box. But no luck: as soon as I typed the first couple of characters in the randomly-named name field, Firefox gave me a drop-down with the field completed; and as soon as I choose that dropdown, it inserted my password in the randomly-named password field below.

It looks like they're storing data elated to the [I]content[/I] of a box - regardless of name - and associating that with a password. Argh!

Thanks for your continuing interest.

@FangMar 18.2010 — #Do you have Google Toolbar autocomplete?

@svidgenMar 18.2010 — #This is not typical behavior for any unmodified browser that I'm aware of. Could you enumerate your add-ons and other modifications?

@jriskenauthorMar 18.2010 — #Sure: Firefox 3.6 with TACO and ColorfulTabs. The behavior is the same on another machine w/o the add-ons and which I never use.

Neither browser has been explicitly modified.

@svidgenMar 18.2010 — #Why don't we try this ... give us the URL, and we'll see if we see the same behavior on our browsers. We can also see the source then and verify that there's nothing atypical about the way you're defining your username/password fields.

@jriskenauthorMar 19.2010 — #Good idea. So I wrote a very simple test case to prove how right I was. And it does not fail in the manner I described. I need to do some more research!

I'll get back to the thread when I have a simple example or a complicated explanation. Thanks for your interest.

@svidgenMar 19.2010 — #If you still need help when you return to the thread, the "simple example" would be preferred over the "complicated explanation."

@jriskenauthorMar 19.2010 — #Not to worry. If it can't be reduced to a simple example, it can't be fixed!

What I have to do now is take the offending, actual, code and keep subtracting until it stops failing in the manner described. An ugly, ugly process.

@jriskenauthorMar 20.2010 — #Update: for what it's worth, here's what seems to be going on: Firefox stored a password to associate with the application's IP address i.e. no user name. I'm thinking that that may mean it didn't have a form element associated with the name part of the name-password pair and was thus willing to supply the password on pretty loose terms.

Or something like that.

I've had FF up for years, and this particular application has gone through many iterations. So whether what happened is an anachronism and whether it would happen again - I can't tell.

It looks like I can use onkeyup in the name field and onfocus in the password field to write a tiny script that will ensure an unfilled password. It's probably overkill, but ...

Anyhow, thanks for your interest: asking me to reduce it to a simple case made me look harder at the issue.

Also in #JavaScript _↴

Javascript experts, I need your help with this Code!!Help with content in a tabbed navigation.event handler defined in innerHTML not work

Success!

Help @jrisken spread the word by sharing this article on Twitter...

Tweet This

simulate password box

16 Comments(s) _↴

Also in #JavaScript _↴

Success!

Social

Version

simulate password box

16 Comments(s) ↴

Also in #JavaScript ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

16 Comments(s) _↴

Also in #JavaScript _↴