disable password auto-complete?

  • Hello,

    I’m using the GoDaddy Website Scanner, and It tells me that I need to disable auto-complete for all of my password fields for security reasons. Dose anyone know of a plugin or a file edit that can accomplish this? Thank you!

Viewing 7 replies - 1 through 7 (of 7 total)

  • I’m experiencing the same problems.
    I use wordpress 3.2.1
    Could someone help us please?

    Auto-complete for passwords? Do you mean the auto-complete feature on your browser? I don’t think there is an auto-complete password for WordPress (at least, not a standard feature – might be a plugin?).

    If you mean the auto-complete feature on your browser, here is how to disable it:
    https://brainfold.net/2010/04/risk-associated-with-auto-complete-feature/

    If this helps you, please let us know and mark this post as “Solved” to help others in the WordPress community to easily find the solution to this same problem.

    Cheers.

    Thanks for the help Sean
    But the problem is that I have to create a lock, so that the auto complete is not possible by any browser.

    Hello,

    I guess the best would be to add autocomplete=”off” to your input field:

    <input type="password" autocomplete="off" />

    I’m not quite sure how to add this to the WordPress Dashboard login page without hacking WP itself, but at least this should help you reach the right information ??

    Cheers

    Maybe this will help. I’m not sure how to implement it here though.

    https://www.designchemical.com/blog/index.php/jquery/disable-form-input-autocomplete-using-jquery/

    You can enqueue the JQuery on the page MickeyRoush suggested by:

    in functions.php:

    function kill_autocomplete() {
   wp_register_script('kill-ac',
       get_template_directory_uri() . '/js/autocompleteoff.js',
       array('jquery'),
       '1.0' );
   wp_enqueue_script('kill-ac');
}
add_action('wp_enqueue_scripts', 'kill_autocomplete');

    in /js/autocompleteoff.js:

    jQuery('#user_pass').attr('autocomplete','off');

    You can move autocompleteoff.js to another location in your theme, just update the reference to it in the functions.php entry.

    It’s unlikely that GoDaddy will pick up the JQuery and it probably will still throw the warning, but the problem should be resolved despite the warning.

    There’s no filter in the core to attack the problem directly with the HTML tag, and autocomplete is a non-valid tag, if it’s in the HTML, it’ll throw validator errors.

    @ roscius, very good!

    @ ktsharples & foreverthon
    I’m still trying to debate whether or not this is a good thing. Would this be a service that you want to disable? How many users, will you discourage by doing this? If it’s just for you, than fine, but what about others?

    It reminds of the debate whether or not to use a captcha.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘disable password auto-complete?’ is closed to new replies.