Please turn off autocomplete on the OTP input field

If you also add maxlength="6", does that dissuade Chrome from auto-filling with a username that’s longer than 6 ? (OTP codes are 6 digits long).

@edwardsh — I installed Theme My Login, and it still had the same problem.

The problem is obviously not in the TFA plugin, but in how Chrome determines the username field.

Yes, I agree.

I looked at your example code. Obviously, I can’t fiddle with the id, name or class, but I added value="". Unfortunately, that still failed to work.

My complete input field now looks like this:
<input type="text" name="two_factor_code" id="simba_two_factor_auth" autocomplete="one-time-code" value="" type="number" pattern="[0-9]{6}" data-lpignore="true">

I guess that we’ll just have to wait until Google fixes Chrome.

David,

with maxlength=”6″ Chrome still uses autocomplete, just cuts long usernames to first 6 symbols.

I’ve noticed a funny thing. When login page is displayed Chrome autocompletes username and password fields. Correct.
When I ignore these values and just retype the same username & password then Chrome will not autocomplete TFA field.

Perhaps, you couldn’t reproduce the issue because don’t use stored passwords with Chrome?

Paddy,

your string has two type attributes, that’s incorrect.

This one should work for you:

<input type=”number” name=”two_factor_code” id=”simba_two_factor_auth” autocomplete=”off” data-lpignore=”true”>

Also for Chrome testing on desktops have a look at Authenticator extension. It’s able to fill TFA field just in one click, no typing when TFA field is empty.

@edwardsh — Thank you, I missed that I had type twice!

I did as you suggest, and this time it has worked. Yay!

I’ve seen Authenticator before, but I didn’t realise that it automatically added the 2FA into the field. I’ll have another look.

Thanks again