[sf-lug] what's the mechanism that a website can use to prevent stored information from filling out a form?
Samir Faci
samir at esamir.com
Mon Jun 23 15:52:21 PDT 2014
I really don't think it's on the bank side to disable that feature. It's
your choice if you allow a certain form to remember your user/password.
The example you were giving is for Firefox.
If they fix it for FF, then they would have to address it on every browser,
OS, mobile, PC combination. I don't think that's feasible. Their
responsibility really ends at the browser.
If you choose to use IE6, well it's your own fault. If you choose to store
all your user/passwords in a password manager... or only access your bank
website through a VM that has no persistent data on shut down.
Your level of security and lack there of is completely at your discretion.
Your bank is responsible for securing against weak passwords, cross side
scripting, SQL injections, but I don't think they should do anything
regarding
the issue you were describing.
Just my 2 cents though.. you're free to email them and ask.
On Sun, Jun 22, 2014 at 5:25 PM, Michael Shiloh <michaelshiloh1010 at gmail.com
> wrote:
> Thanks. That's very helpful.
>
> Especially
>
>
> A more complete description is here:
>>
>> https://developer.mozilla.org/en-US/docs/Web/Security/
>> Securing_your_site/Turning_off_form_autocompletion
>>
>
> Wherein:
>
> "Note: The ability for websites to disable the password manager using
> autocomplete = "off" is being removed in Firefox 30 (bug 956906)"
>
> In fact, I'm using FF 30, so possibly the "feature" is with Firefox and
> not the fault of my bank. I can't recall when my FF changed to 30.
>
> Thanks again,
> Michael
>
>
> _______________________________________________
> sf-lug mailing list
> sf-lug at linuxmafia.com
> http://linuxmafia.com/mailman/listinfo/sf-lug
> Information about SF-LUG is at http://www.sf-lug.org/
>
--
Thank you
Samir Faci
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://linuxmafia.com/pipermail/sf-lug/attachments/20140623/0708f262/attachment.html>
More information about the sf-lug
mailing list