Disable autocomplete for login forms
In order to apply strong security defaults it is suggested to disable autocomplete of login forms.References:
#1 Updated by Stefanos Karasavvidis about 1 year ago
It can be argued that forcing users to remember their passwords leads to simple and easily guessable passwords.
Power users will use a password manager anyway. And for normal users, IMHO it's better to let them use their browsers autocomplete instead of "forcing" them to use everywhere 12345.