Watch out for Autocomplete
I ran into a funny problem today that had to do with the Autocomplete feature in Firefox. If I had autocomplete turned off on my computer it would have been very hard to debug this issue, but I quickly realized that autocomplete was the problem.
Suppose you have a backend app to manage users. You have a login for that looks like this:
<label for="username">Username</label> <input type="text" name="username" id="username" />
Now if you also have an edit user form with the same code, autocomplete will fill in the username you used to login with into the username field. This is not a problem if your editing your own username, but if you want to edit someone else, then you have a problem.
So at first I thought I could fix this by changing the
name attribute on the
input tag, but this didn't work. You have to change the
Another way to fix this is to set
autocomplete="off" in your
input tag. But that is a non standard attribute, and breaks HTML validation.
Like this? Follow me ↯Tweet Follow @pfreitag
Watch out for Autocomplete was first published on June 07, 2006.
If you like reading about form, html, autocomplete, or firefox then you might also like:
- Turn off autocomplete for credit card input
- Blocking Mozilla / Google Prefetch
- Where are my ALT tooltips in Firefox
this from the guy whose grammar cheatsheet mentions "you're" v "your" ??
he he.... no problem.
which reminds me: "whose" v "who's" is a common problem...
Anyway, I into the same problem at a former job. Instead of turning off autocomplete, we ran a script that would clear out the password for a certain domain and forced the user to type in the UN and PW once a month. Cut our service calls down a lot because it also forced the user to remember the UN and PW :-)
They would sign in with their username and password, get into our system, change their password, then the next time they tried to sign in using the username, the browser would fill the password field with stars, but it was the password stored in the browser, not the new one in our db.
So, of course, the login fails and the user is befuddled. It took us a while to track down the fact that so many users were complaining that they could not sign in after changing their password. They do not connect the browser storing the password versus the db storing it.
We debated to try to implement strategies to disable the autocomplete (using different sign-in text fields), but did not want to break standard functionality.
So if you have users complaining about not being able to sign in after changing their password, inform them to clear the stars at least once!