입력 유형 = 암호, 브라우저가 암호를 기억하지 못하도록합니다.
<input type="password" />브라우저가 사용자에게 암호를 저장하라는 메시지를 표시 하지 않도록 하는 방법을 본 기억 이 있습니다. 그러나 나는 공백을 그리고있다. 이를 수행하는 HTML 속성이나 JavaScript 트릭이 있습니까?
을 사용해보십시오 autocomplete="off". 그러나 모든 브라우저가 지원하는지 확실하지 않습니다. 여기에 MSDN 문서가 있습니다 .
편집 : 참고 : 대부분의 브라우저는이 속성에 대한 지원을 중단했습니다. autocomplete = "off"는 모든 최신 브라우저와 호환됩니까?를 참조하십시오 .
이것은 웹 사이트 디자이너가 아닌 사용자에게 맡겨야 할 것입니다.
<input type="password" autocomplete="off" />
나는 이것을 사용자로서 추가하고 싶습니다. 이것은 매우 성 가시고 극복해야 할 번거 로움 이라고 생각합니다 . 사용자를 악화시킬 가능성이 크므로 사용하지 않는 것이 좋습니다.
암호는 이미 MRU에 저장되어 있지 않으며 올바르게 구성된 공용 컴퓨터는 사용자 이름도 저장하지 않습니다.
다른 방법으로 해결했습니다. 이것을 시도 할 수 있습니다.
<input id="passfld" type="text" autocomplete="off" />
<script type="text/javascript">
// Using jQuery
$(function(){
setTimeout(function(){
$("input#passfld").attr("type","password");
},10);
});
// or in pure javascript
window.onload=function(){
setTimeout(function(){
document.getElementById('passfld').type = 'password';
},10);
}
</script>
#또 다른 방법
<script type="text/javascript">
function setAutoCompleteOFF(tm){
if(typeof tm =="undefined"){tm=10;}
try{
var inputs=$(".auto-complete-off,input[autocomplete=off]");
setTimeout(function(){
inputs.each(function(){
var old_value=$(this).attr("value");
var thisobj=$(this);
setTimeout(function(){
thisobj.removeClass("auto-complete-off").addClass("auto-complete-off-processed");
thisobj.val(old_value);
},tm);
});
},tm);
}catch(e){}
}
$(function(){
setAutoCompleteOFF();
});
</script>
// autocomplete = "off"속성을 추가해야합니다. 또는 입력 상자에 .auto-complete-off 클래스를 추가하고 즐길 수 있습니다.
예:
<input id="passfld" type="password" autocomplete="off" />
OR
<input id="passfld" class="auto-complete-off" type="password" />
보안 문제와 관련하여 보안 컨설턴트가 전체 현장 문제에 대해 알려줄 내용은 다음과 같습니다 (실제 독립 보안 감사에서 가져온 것입니다).
HTML 자동 완성 활성화 됨 – HTML 양식의 암호 필드에 자동 완성 기능이 활성화되어 있습니다. 대부분의 브라우저에는 HTML 양식에 입력 된 사용자 자격 증명을 기억하는 기능이 있습니다.
상대적 위험 : 낮음
Affected Systems/Devices: o https://*******/
I also agree this should cover any field that contains truly private data. I feel that it is alright to force a person to always type their credit card information, CVC code, passwords, usernames, etc whenever that site is going to access anything that should be kept secure [universally or by legal compliance requirements]. For example: purchase forms, bank/credit sites, tax sites, medical data, federal, nuclear, etc - not Sites like Stack Overflow or Facebook.
Other types of sites - e.g. TimeStar Online for clocking in and out of work - it's stupid, since I always use the same PC/account at work, that I can't save the credentials on that site - strangely enough I can on my Android but not on an iPad. Even shared PCs this wouldn't be too bad since clocking in/out for someone else really doesn't do anything but annoy your supervisor. (They have to go in and delete the erroneous punches - just choose not to save on public PCs).
I tried the following and it seems that works to any browser:
<input id="passfld" type="text" autocomplete="off" />
<script type="text/javascript">
$(function(){
var passElem = $("input#passfld");
passElem.focus(function() {
passElem.prop("type", "password");
});
});
</script>
This way is much more safer than using timeout techniques, because it guaranties that the input field will yield to password when the user focuses it.
Here's the best answer, and the easiest! Put an extra password field in front of your input field and set the display:none , so that when the browser fills it in, it does it in an input that you don't care about.
Change this:
<input type="password" name="password" size="25" class="input" id="password" value="">
to this:
<input type="password" style="display:none;">
<input type="password" name="password" size="25" class="input" id="password" value="">
<input type="password" placeholder="Enter New Password" autocomplete="new-password">
Here you go.
You can use JQuery, select the item by id:
$("input#Password").attr("autocomplete","off");
Or select the item by type:
$("input[type='password']").attr("autocomplete","off");
Or also:
You can use pure Javascript:
document.getElementById('Password').autocomplete = 'off';
Read also this answer where he is using this easy solution that works everywhere (see also the fix for Safari mobile):
<input type="password" readonly onfocus="this.removeAttribute('readonly');"/>
you can also use it like following
$('#Password').attr("autocomplete", "off");
setTimeout('$("#Password").val("");', 2000);
In the case of most major browsers, having an input outside of and not connected to any forms whatsoever tricks the browser into thinking there was no submission. In this case, you would have to use pure JS validation for your login and encryption of your passwords would be necessary as well.
Before:
<form action="..."><input type="password"/></form>
After:
<input type="password"/>
I've found the following works on Firefox and Chrome.
<form ... > <!-- more stuff -->
<input name="person" type="text" size=30 value="">
<input name="mypswd" type="password" size=6 value="" autocomplete="off">
<input name="userid" type="text" value="security" style="display:none">
<input name="passwd" type="password" value="faker" style="display:none">
<!-- more stuff --> </form>
All of these are within the forms section. "person" and "mypswd" are what you want, but the browser will save "userid" and "passwd" once, and never again since they don't change. You could eliminate the "person" field if you don't really need it. In that case, all you want is the "mypswd" field, which could change in some way known to the user of your web-page.
The only way I can get firefox, edge, and Internet explorer to turn off autocomplete is to add autocomplete="false" in my form statement like:
<form action="postingpage.php" autocomplete="false" method="post">
and I have to add the autocomplete="off" to my form input and change the type to text Like:
<input type="text" autocomplete="off">
It seems that this html code needs to be standardized with the browsers. the form type = password should be revised so that it overrides browser settings. The only issue I have is that I lost my input masking. But on the bright side the annoying "this site is not secure" is not showing up in firefox.
for me, its not a big deal since the user is already authenticated and its my change user name and password portion of it
'Programing' 카테고리의 다른 글
| 시작 활동시 자동 팝업 키보드 (0) | 2020.08.26 |
|---|---|
| MySQL에서 BIT와 TINYINT의 차이점은 무엇입니까? (0) | 2020.08.25 |
| PHP json_decode ()는 유효한 JSON으로 NULL을 반환합니까? (0) | 2020.08.25 |
| $ (this) AJAX 내부에서 작동하지 않음 (0) | 2020.08.25 |
| Python 간단한 if 또는 논리 문 (0) | 2020.08.25 |