I have a problem with autocomplete="off". It's dangerous. It may not show a dropdown list but it still stores the information submitted. If you go to a form that has the same name it will show you the information you have submitted in the form with 'autocomplete="off"'. The best workaround I have found is to use a textarea on 1 row for sensitive info that you would prefer not to be stored in autocomplete form fields.
Hope this helps.
Like most modern browsers, Gecko™-based browsers (e.g. Mozilla and Firefox browsers) can be configured to remember the information the user fills in for form and password fields on web sites. This feature is called Form and Password Autocompletion in Gecko browsers. The feature is known in other browsers by names such as "Form Pre-filling" and "Wallet". Gecko-based browsers have had this feature since Mozilla Milestone M18, or Netscape 6.0 (late 2000). The autocompletion feature for form and password fields is turned on by default but can be turned off by end users via the preference settings in the respective control panel for Form and Password Manager:
- For forms, go to <tt>Edit > Preferences > Privacy & Security > Forms</tt> and uncheck the option to save form data when entering forms.
- For passwords, go to <tt>Edit > Preferences > Privacy & Security > Passwords</tt> and uncheck the option to remember passwords. Note that passwords can be stored in an encrypted format.
Note that on Mac OS X Mozilla browsers, the Preferences menu item can be found under the Mozilla menu item.
Form & Password Managers also allow the user to manage stored form and password information.
Both the Form Manager and the Password Manager features raise dialog boxes asking users whether or not they want the form field information to be stored. The autocompletion feature is convenient for users and the large majority seem to prefer to have this feature turned ON. The Gecko preference default reflects this fact. Security and privacy related preferences ultimately belong to the user and for this reason most web sites, including web mail and many sites with commercial transactions, honor the user preference for this feature. However, some web sites for security reasons need to turn the feature off. This is typically true for banks and financial institutions where transactions are considered extremely sensitive.
The feature can of course be turned off by instructing the user to uncheck the option in Form and Password Managers, but this requires action on the user's part and the desired result may not always be obtained.
This technote shows how web sites can turn off this autocompletion feature for a particular web page -- even if the user has autocompletion turned on in the browser preference settings.
Three Aspects of Autocompletion
- Form Manager prompt—whether or not the user is presented with a dialog to allow the browser to store form field information. If a dialog box is presented, the user has to consciously decline in order to avoid storing the information.
- Password Manager prompt—whether or not the user is presented with a dialog to allow the browser to store password field information. If a dialog box is presented, the user has to consciously decline in order to avoid storing the information.
- Session history caching—whether or not the browser should store form data in session history for subsequent retrieval. When form data is cached in session history, the information the user has filled in will be visible after the user has submitted the form and clicked on the Back button to go back to the original form page.
Password fields are like other form fields, but Gecko browsers provide an option to store the info in them in an encrypted file format on disk. Because of the sensitivity of passwords, there is a dedicated Password Manager for these types of form fields, whereas Form Manager handles other non-password storage of form data.
Typically, turning off autocompletion involves suppressing both the Form Manager and Password Manager dialog boxes, as well as ensuring that form information is not stored in session history for future retrievals.
How to Turn Off the Autocompletion Feature
The easiest and simplest way to disable Form and Password storage prompts and prevent form data from being cached in session history is to use the autocomplete form element attribute with value "off":
autocomplete = "off"
For example, a typical form element line with autocompletion turned off might look like the following:
<form name="form1" id="form1" method="post" autocomplete="off" action="http://www.example.com/form.cgi"> [...] </form>
Applicable browser versions: Netscape 6.2 (Mozilla 0.9.4) or later. IE 5 or later. For IE autocomplete info, see the relevant MSDN entry.
This form attribute is not part of any web standards but was first introduced in Microsoft's Internet Explorer 5. Netscape introduced it in version 6.2 -- in prior versions, this attribute is ignored.
Exceptions and Recommended Workarounds
For Gecko browsers such as Netscape 6.2 and later, the <tt>autocomplete</tt> attribute works perfectly. With <tt>autocomplete="off"</tt>, the Password Manager prompt is turned off and information is not stored in session history for future retrievals. The only exception to the use of the <tt>autocomplete="off"</tt> attribute is in the Form Manager prompt under the following special conditions:
The form element contains at least two key words "Address" and "Name" or their variants. There may be other combinations of typical form words but these two together trigger the Form Manager prompt without fail. If only one of the two key words is present, e.g. "Address", with other words such as "Phone", "Fax", "Home", or "ZIP", the prompt does not occur. Note that variants of key words such as "Name1", "Address2" will also trigger the prompt.
More specifically, the two key words "Name" and "Address" must be contained either within the form as descriptions of input fields or as values for the <tt>name</tt> attribute of the <tt>input</tt> field. Attributes such as <tt>id</tt> do not have this effect. Typical HTML snippets that trigger the Form Manager dialog follow, and are illustrative of the types of markup which will trigger Form Manager to prompt users to store the form fields.
Keywords used to describe input fields:
<form name="form1" id="form1" method="post" autocomplete="off" action="http://www.example.com/form.cgi">
  Name: <input type="text" name="text1" /><br/>
  Address: <input type="text" name="text2" /><br/>
  Phone: <input type="text" name="text3" /><br/>
  Password: <input type="password" name="password" /><br/>
  <input type="Submit" name="Submit" value="Submit" />
</form>
The above snippet uses the keywords Name and Address to describe to the end user the type of data that the field solicits. Another way that Form Manager will be activated to prompt the user to store the form data is if the name attribute for the form input fields is one of the keywords, such as in the snippet below.
Keywords used as the value for the name attribute:
<form name="form1" id="form1" method="post" autocomplete="off" action="http://www.example.com/form.cgi">
  <input type="text" name="name" /><br/>
  <input type="text" name="address" /><br/>
  <input type="text" name="text3" /><br/>
  <input type="password" name="password" /><br/>
  <input type="Submit" name="Submit" value="Submit" />
</form>
In the cases above, the autocomplete feature is triggered and an attempt is made to store common form entries such as "name" and "address" in spite of the presence of the autocomplete attribute. In this case, the autocomplete attribute has no effect. However, a workaround would be to:
- Not use the strings "name" and "address" as the values for the names of any of the form input fields.
- Split the characters in words "Name" and "Address" with the span element, as the example below shows.
<form name="form1" id="form1" method="post" autocomplete="off" action="http://www.example.com/form.cgi">
  <span>N</span>ame: <input type="text" name="text1" /><br/>
  <span>A</span>ddress: <input type="text" name="text2" /><br/>
</form>
The trick is to enclose part of the words "Name" and "Address" in the <tt>span</tt> element. A Mozilla browser bug requests that Form Manager be turned off completely when the <tt>autocomplete="off"</tt> attribute is present. When this bug is fixed, there would be no need to use this workaround.
This particular sensitivity to the keywords "Name" and "Address" (case insensitive) is limited to these spellings and their variants in English, and possibly in other languages where the spellings are similar. Although we don't usually find these keywords being used in describing form fields in languages other than English, we find them sometimes as the <tt>name</tt> attribute values in many different languages. The latter is usually what prevents the <tt>autocomplete</tt> attribute from working as intended.
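As an added example (not part of the original technote), the following Python check can be run over a site's page markup to flag forms that lack <tt>autocomplete="off"</tt> and forms where the "Name" plus "Address" keyword pair described above is still present. The keyword regex, the per-text-node matching and the finding labels are assumptions that approximate the behaviour described here, not Gecko's actual heuristic; the sample markup is constructed.

```python
import re
from html.parser import HTMLParser

# Assumption: approximates the technote's keyword rule; not Gecko's actual heuristic.
KEYWORDS = {kw: re.compile(rf"\b{kw}\d*\b", re.I) for kw in ("name", "address")}

class FormAudit(HTMLParser):
    """Records, per <form>, whether autocomplete is off and which keywords appear."""
    def __init__(self):
        super().__init__()
        self.forms, self.current = [], None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            off = (a.get("autocomplete") or "").strip().lower() == "off"
            self.current = {"id": a.get("id"), "off": off, "hits": set()}
            self.forms.append(self.current)
        elif tag == "input" and self.current is not None:
            self._scan(a.get("name") or "")   # name attribute counts; id does not

    def handle_endtag(self, tag):
        if tag == "form":
            self.current = None

    def handle_data(self, data):
        if self.current is not None:          # field descriptions inside the form
            self._scan(data)

    def _scan(self, text):
        self.current["hits"] |= {kw for kw, rx in KEYWORDS.items() if rx.search(text)}

def audit(html):
    """Return (form id, finding) pairs for forms that may still store data."""
    parser = FormAudit()
    parser.feed(html)
    parser.close()
    findings = []
    for f in parser.forms:
        if not f["off"]:
            findings.append((f["id"], "autocomplete-not-off"))
        elif f["hits"] == set(KEYWORDS):      # both keywords present together
            findings.append((f["id"], "name+address-keywords"))
    return findings

# Constructed sample markup: keyword pair, span workaround, missing attribute.
SAMPLE = """<form id="f1" autocomplete="off">Name: <input name="text1"/> Address: <input name="text2"/></form>
<form id="f2" autocomplete="off"><span>N</span>ame: <input name="text1"/> <span>A</span>ddress: <input name="text2"/></form>
<form id="f3"><input type="password" name="password"/></form>"""
```

`audit(SAMPLE)` reports the first and third forms; the second passes because each keyword is split across two text nodes by the <tt>span</tt> workaround.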
Web sites can take advantage of the non-standard but effective and widely used form element attribute <tt>autocomplete="off"</tt> to turn off both Form and Password Manager prompts and to prevent form data from being cached in session history, avoiding inadvertent display of form info when the Back button is clicked. Web sites wishing to prevent Form Manager prompts need to avoid the use of the two key words "Name" and "Address" (and any lexical variants such as "Name1") in form field descriptions and avoid use of these keywords as the values of the <tt>name</tt> attribute of input fields.
Original Document Information
- Authors: Katsuhiko Momoi and Arun Ranganathan
- Last Updated Date: May 23rd, 2002
- Copyright © 2001-2003 Netscape. All rights reserved.