搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

How can my web developers get around Firefox remembering a password for my site that needs to be secure?

  • 2 回覆
  • 10 有這個問題
  • 8 次檢視
  • 最近回覆由 cor-el

more options

I'm developing a site that needs to be secure. At the moment on firefox it is remembering a users password and this is very unsecure. I know the user can turn this off but that is not good enough and does not guarantee security of information. I have to get my developers to make it so Firefox cannot remember the password. How do they do it? (They have already added some code which they said would stop major browsers from being able to remember passwords but this didn't work with Firefox). They are probably too proud to go onb a forum and ask for an answer but I'm not!

I'm developing a site that needs to be secure. At the moment on firefox it is remembering a users password and this is very unsecure. I know the user can turn this off but that is not good enough and does not guarantee security of information. I have to get my developers to make it so Firefox cannot remember the password. How do they do it? (They have already added some code which they said would stop major browsers from being able to remember passwords but this didn't work with Firefox). They are probably too proud to go onb a forum and ask for an answer but I'm not!

所有回覆 (2)

more options

This forum focuses on end-user support. You can find more web development help on the mozillaZine Web Development board. Separate forum, separate registration. Please note the tips in the Sticky Post at the top of the forum before posting.

That said... Firefox honors the setting autocomplete="off" in the form tag. When this attribute is set, users should not be prompted to save the username/password, and it should not be filled automatically. (Is this what wasn't working??)

https://developer.mozilla.org/en/How_to_Turn_Off_Form_Autocompletion

Knowledgeable users can bypass this setting by running a script to strip this attribute. I doubt that very many users would do that, but if people have to log in very frequently, it is more likely to happen. Users also may use add-ons that manage passwords, and those add-ons might not honor the autcomplete="off" setting. I haven't used any such add-ons, so I don't know the situation there.

I'm sure this isn't completely satisfactory but hopefully it helps to some extent.

由 jscher2000 - Support Volunteer 於 修改

more options

If you want to make it more difficult then use JavaScript to create that log in form in addition to using autocomplete=off or use a Flash object. Firefox currently only offers to store the password if the log in form is present in the page source.