View Issue Details

IDProjectCategoryView StatusLast Update
0023611mantisbtsecuritypublic2022-10-11 12:55
Reporterianbamforth Assigned To 
PrioritylowSeverityminorReproducibilityhave not tried
Status acknowledgedResolutionopen 
Product Version2.8.0 
Summary0023611: Disable, or provide config option to disable, autocomplete on login text boxes
Description

Penetration testing tools identify autocomplete as a security issue.

TagsNo tags attached.

Relationships

has duplicate 0026360 closeddregad Avoid storing credentials in login page 
related to 0031118 new Current Password field is filled with browser autofill setting. 

Activities

dregad

dregad

2017-11-09 11:16

developer   ~0058169

You mean setting autocomplete="off" on login page's username field, as per html5 spec ?