O'Reilly

Prevent Form Field Autocomplete

By on  

Preventing autocompletion of form fields is incredibly important since we never know where our users are completing them from. They could complete them from a super secure computer or an incredibly public computer. Regardless of security level, some field values should never be remembered, like credit card number, social security number, etc. Preventing autocompletion is as simple as adding one attribute to a FORM tag for individual form fields.

The HTML

The autocomplete attribute is the key. This attribute may be added FORM tags to prevent any autocompletion:

<form method="post" autocomplete="off">

You may also isolate single fields for preventing autocompletion:

<input type="text" name="credit_card" autocomplete="off" />

Big detail, simple task, simple solution.

Treehouse Learning

Upcoming Events

Recent Features

  • Detect DOM Node Insertions with JavaScript and CSS Animations

    I work with an awesome cast of developers at Mozilla, and one of them in Daniel Buchner. Daniel's shared with me an awesome strategy for detecting when nodes have been injected into a parent node without using the deprecated DOM Events API....

  • CSS @supports

    Feature detection via JavaScript is a client side best practice and for all the right reasons, but unfortunately that same functionality hasn't been available within CSS.  What we end up doing is repeating the same properties multiple times with each browser prefix.  Yuck.  Another thing we...

Incredible Demos

  • CSS content and attr

    CSS is becoming more and more powerful but in the sense that it allows us to do the little things easily.  There have been larger features added like transitions, animations, and transforms, but one feature that goes under the radar is generated content.  You saw a...

  • PHP Woot Checker &#8211; Tech, Wine, and Shirt Woot

    If you haven't heard of Woot.com, you've been living under a rock. For those who have been under the proverbial rock, here's the plot: Every day, Woot sells one product. Once the item is sold out, no more items are available for purchase. You don't know how many...

Discussion

  1. Slow day for blog posts? :P

  2. Pritesh Desai

    its a bad idea to make users type out their email id, name etc on every website. There’s a reason why autocomplete was invented.

    • As I stated, there are credit card numbers, social security numbers, passwords, etc. Those shouldn’t be remembered.

  3. simple-touriste

    Passwords should be remembered IF users want to them of be remembered.

    There is a bug about that in Chromium:
    https://code.google.com/p/chromium/issues/detail?id=177290

    Until it’s fixed, there is an add-on for this:

    By using the feature, websites force me to use this add-on, which could decrease my security.

Wrap your code in <pre class="{language}"></pre> tags, link to a GitHub gist, JSFiddle fiddle, or CodePen pen to embed!