html – 如何防止浏览器存储密码

前端之家收集整理的这篇文章主要介绍了html – 如何防止浏览器存储密码前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
我需要阻止浏览器存储用户名&密码,因为我正在处理包含更安全数据的Web应用程序.我的客户问我这个问题.

我在HTML表单中尝试了autocomplete =“off”属性&密码字段.但它不适用于Chrome 55,Firefox 38,IE 11等最新浏览器.

什么是最好的解决方案?

解决方法

这在现代浏览器中是不可能的,并且有充分的理由.现代浏览器提供密码管理器,使用户能够使用比通常更强的密码.

正如MDN: How to Turn Off Form Autocompletion所解释的那样:

Modern browsers implement integrated password management: when the user enters a username and password for a site,the browser offers to remember it for the user. When the user visits the site again,the browser autofills the login fields with the stored values.

Additionally,the browser enables the user to choose a master password that the browser will use to encrypt stored login details.

Even without a master password,in-browser password management is generally seen as a net gain for security. Since users do not have to remember passwords that the browser stores for them,they are able to choose stronger passwords than they would otherwise.

For this reason,many modern browsers do not support autocomplete="off" for login fields:

  • If a site sets autocomplete="off" for a form,and the form includes username and password input fields,then the browser will still offer to remember this login,and if the user agrees,the browser will autofill those fields the next time the user visits the page.

  • If a site sets autocomplete="off" for username and password input fields,the browser will autofill those fields the next time the user visits the page.

This is the behavior in Firefox (since version 38),Google Chrome (since 34),and Internet Explorer (since version 11).

If an author would like to prevent the autofilling of password fields in user management pages where a user can specify a new password for someone other than themself,autocomplete="new-password" should be specified,though support for this has not been implemented in all browsers yet.

原文链接:https://www.f2er.com/html/231783.html

猜你在找的HTML相关文章