Local Passwords Overwritten

[nowinski]

The administrative edit user modal seems to overwrite password when opened and used to edit user details like Role, Name, Description. Note that UserPreference table Value field updates to a new hash after editing user details and clicking Save.

[kenburcham]

I've found this only happens if you have saved your password in your browser. It recognizes the "password" field and unfortunately copies your password into the field.

A workaround is to not save your password for the production CDMS site.

[nowinski]

If you save a password in Google Chrome, the password field on the Edit User modal (modal-manage-user.html) will autocomplete the Password field with that password:

Disabling autocomplete in the HTML seems to resolve this issue. https://stackoverflow.com/questions/35448269/angular-materials-can-you-disable-the-autocomplete-suggestions-for-an-input