security

Drupal Logo

Adding The autocomplete Attribute To Forms And Password Fields In Drupal 6

22nd February 2012 - 5 minutes read time

Many modern browsers now come with auto-complete functionality so that users can fill in their details quickly without having to type in their username and password every time they want to log on. This can be turned off by adding the attribute "autocomplete" to the form and password elements and setting its value to 'off'.

Setting the autocomplete attribute to off on password fields (and forms containing password fields) can add an added level of security to your Drupal site. This is especially important as if the computer is stolen it is more likely to contain saved passwords that will allow access to sensitive systems. So turning this feature off might be beneficial for certain systems, especially those with very sensitive information.

Read the full article