Prevent Form Field Autocomplete

By  on  

Preventing autocompletion of form fields is incredibly important since we never know where our users are completing them from. They could complete them from a super secure computer or an incredibly public computer. Regardless of security level, some field values should never be remembered, like credit card number, social security number, etc. Preventing autocompletion is as simple as adding one attribute to a FORM tag for individual form fields.

The HTML

The autocomplete attribute is the key. This attribute may be added FORM tags to prevent any autocompletion:

<form method="post" autocomplete="off">

You may also isolate single fields for preventing autocompletion:

<input type="text" name="credit_card" autocomplete="off" />

Big detail, simple task, simple solution.

Recent Features

  • By
    fetch API

    One of the worst kept secrets about AJAX on the web is that the underlying API for it, XMLHttpRequest, wasn't really made for what we've been using it for.  We've done well to create elegant APIs around XHR but we know we can do better.  Our effort to...

  • By
    Camera and Video Control with HTML5

    Client-side APIs on mobile and desktop devices are quickly providing the same APIs.  Of course our mobile devices got access to some of these APIs first, but those APIs are slowly making their way to the desktop.  One of those APIs is the getUserMedia API...

Incredible Demos

Discussion

  1. Slow day for blog posts? :P

  2. Pritesh Desai

    its a bad idea to make users type out their email id, name etc on every website. There’s a reason why autocomplete was invented.

    • As I stated, there are credit card numbers, social security numbers, passwords, etc. Those shouldn’t be remembered.

  3. simple-touriste

    Passwords should be remembered IF users want to them of be remembered.

    There is a bug about that in Chromium:
    https://code.google.com/p/chromium/issues/detail?id=177290

    Until it’s fixed, there is an add-on for this:

    By using the feature, websites force me to use this add-on, which could decrease my security.

Wrap your code in <pre class="{language}"></pre> tags, link to a GitHub gist, JSFiddle fiddle, or CodePen pen to embed!