Disable autocomplete for login forms
In order to apply strong security defaults it is suggested to disable autocomplete of login forms.References:
Updated by Stefanos Karasavvidis over 2 years ago
It can be argued that forcing users to remember their passwords leads to simple and easily guessable passwords.
Power users will use a password manager anyway. And for normal users, IMHO it's better to let them use their browsers autocomplete instead of "forcing" them to use everywhere 12345.
Updated by Benni Mack about 1 year ago
- Status changed from New to Rejected
won't do, as browsers overrule whatever they want to do these days (https://stackoverflow.com/questions/12374442/chrome-ignores-autocomplete-off)