Treehouse

Prevent Form Field Autocomplete

By on  

Preventing autocompletion of form fields is incredibly important since we never know where our users are completing them from. They could complete them from a super secure computer or an incredibly public computer. Regardless of security level, some field values should never be remembered, like credit card number, social security number, etc. Preventing autocompletion is as simple as adding one attribute to a FORM tag for individual form fields.

The HTML

The autocomplete attribute is the key. This attribute may be added FORM tags to prevent any autocompletion:

<form method="post" autocomplete="off">

You may also isolate single fields for preventing autocompletion:

<input type="text" name="credit_card" autocomplete="off" />

Big detail, simple task, simple solution.

ydkjs-1.png

Recent Features

Incredible Demos

  • Full Width Textareas

    Working with textarea widths can be painful if you want the textarea to span 100% width.  Why painful?  Because if the textarea's containing element has padding, your "width:100%" textarea will likely stretch outside of the parent container -- a frustrating prospect to say the least.  Luckily...

  • Upload Photos to Flickr with PHP

    I have a bit of an obsession with uploading photos to different services thanks to Instagram. Instagram's iPhone app allows me to take photos and quickly filter them; once photo tinkering is complete, I can upload the photo to Instagram, Twitter, Facebook, and...

Discussion

  1. Slow day for blog posts? :P

  2. Pritesh Desai

    its a bad idea to make users type out their email id, name etc on every website. There’s a reason why autocomplete was invented.

    • As I stated, there are credit card numbers, social security numbers, passwords, etc. Those shouldn’t be remembered.

  3. simple-touriste

    Passwords should be remembered IF users want to them of be remembered.

    There is a bug about that in Chromium:
    https://code.google.com/p/chromium/issues/detail?id=177290

    Until it’s fixed, there is an add-on for this:

    By using the feature, websites force me to use this add-on, which could decrease my security.

Wrap your code in <pre class="{language}"></pre> tags, link to a GitHub gist, JSFiddle fiddle, or CodePen pen to embed!