Clever Geek Handbook

How do password managers (in browsers) discover user and password fields, and how to force this detection?

I am trying to understand how password managers detect user and password field in forms. I think the password field is found by looking for the [type = "password"] input, and the user field is the direct previous input (hidden text, text, email, etc.).

/ ***** EDITED **** /

Confirmed for example: I have two forms

F1 = name, email, password

F2 = email address, name, password

So I save my password in the first form, PM stores "email" and "pass".

The second form is then populated with the email value in the field name.

/ ***** END EDITED **** /

But this causes too many errors and it is very common, even in some well-known sites and frameworks.

Is there a way to explicitly specify which fields should be stored? I have not found any information on the internet.

I only find this suggestion: http://www.mypico.org/documents/2014-StajanoETAL-api.pdf but not implemented yet (and probably never)

+3
input passwords field


source to share


No one has answered this question yet

See similar questions:

0
Angular forms and password managers

or similar:

1338
Why does Java have transient fields?
1151
How do you use bcrypt for hashing passwords in PHP?
697
How to get the value of a text input field using JavaScript?
399
Disable browser "Save Password" functionality
4
disable Firefox password manager for some password fields
2
How do I tell the browser that entering a password is not a form or login?
2
html password - disable password manager
1
How to force browser to save password even if it doesn't send it to server
0
How do I make the browser not handle the first login before the password as the username?
0
The password field is cleared when returning to the page using the "Back" button


More articles:


All Articles
Loading...
X
Show
Funny
Dev
Pics