I figured the secret input field is autocompleted by the browser with the saved password of the email account.
By having this field completed automatically, it is not possible to generate all codes (by clicking on the "Fill all fields" button) until I remove the content.
This can prevent some misunderstanding on the part of some users.
To disable the autocompletion I changed the following line in twofactor_gauthenticator.php :
$input_descsecret = new html_inputfield(array('name' => $field_id, 'id' => $field_id, 'size' => 60, 'type' => 'password', 'value' => $data['secret']));
To
$input_descsecret = new html_inputfield(array('name' => $field_id, 'id' => $field_id, 'size' => 60, 'type' => 'password', 'value' => $data['secret'], 'autocomplete' => 'new-password'));
Hello Team,
I figured the secret input field is autocompleted by the browser with the saved password of the email account. By having this field completed automatically, it is not possible to generate all codes (by clicking on the "Fill all fields" button) until I remove the content.
This can prevent some misunderstanding on the part of some users.
To disable the autocompletion I changed the following line in twofactor_gauthenticator.php :
$input_descsecret = new html_inputfield(array('name' => $field_id, 'id' => $field_id, 'size' => 60, 'type' => 'password', 'value' => $data['secret']));To$input_descsecret = new html_inputfield(array('name' => $field_id, 'id' => $field_id, 'size' => 60, 'type' => 'password', 'value' => $data['secret'], 'autocomplete' => 'new-password'));Kind regards, Alexandre