This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How can my web developers get around Firefox remembering a password for my site that needs to be secure?

  • 2 ŋuɖoɖowo
  • 10 masɔmasɔ sia le wosi
  • 8 views
  • Nuɖoɖo mlɔetɔ cor-el

more options

I'm developing a site that needs to be secure. At the moment on firefox it is remembering a users password and this is very unsecure. I know the user can turn this off but that is not good enough and does not guarantee security of information. I have to get my developers to make it so Firefox cannot remember the password. How do they do it? (They have already added some code which they said would stop major browsers from being able to remember passwords but this didn't work with Firefox). They are probably too proud to go onb a forum and ask for an answer but I'm not!

I'm developing a site that needs to be secure. At the moment on firefox it is remembering a users password and this is very unsecure. I know the user can turn this off but that is not good enough and does not guarantee security of information. I have to get my developers to make it so Firefox cannot remember the password. How do they do it? (They have already added some code which they said would stop major browsers from being able to remember passwords but this didn't work with Firefox). They are probably too proud to go onb a forum and ask for an answer but I'm not!

All Replies (2)

more options

This forum focuses on end-user support. You can find more web development help on the mozillaZine Web Development board. Separate forum, separate registration. Please note the tips in the Sticky Post at the top of the forum before posting.

That said... Firefox honors the setting autocomplete="off" in the form tag. When this attribute is set, users should not be prompted to save the username/password, and it should not be filled automatically. (Is this what wasn't working??)

https://developer.mozilla.org/en/How_to_Turn_Off_Form_Autocompletion

Knowledgeable users can bypass this setting by running a script to strip this attribute. I doubt that very many users would do that, but if people have to log in very frequently, it is more likely to happen. Users also may use add-ons that manage passwords, and those add-ons might not honor the autcomplete="off" setting. I haven't used any such add-ons, so I don't know the situation there.

I'm sure this isn't completely satisfactory but hopefully it helps to some extent.

jscher2000 - Support Volunteer trɔe

more options

If you want to make it more difficult then use JavaScript to create that log in form in addition to using autocomplete=off or use a Flash object. Firefox currently only offers to store the password if the log in form is present in the page source.