jaark / twofactor_yubikey

Yubikey Two-factor authentication provider for NextCloud
GNU Affero General Public License v3.0

Idea: don't treat the Yubi-OTP field as password field #22

Closed My1 closed 5 years ago

My1 commented 5 years ago

The data inside there is not really something that someone looking at your screen can look around, and in browsers this spawns the "do you want to save this password", which is obviously nothing we are interested in, and browsers nowadays won't honor anything to disable autocomplete on password fields.

It might make more sense to use a normal text field with disabled autocomplete here, like this:

<input type="text" maxlength="44" name="response" autocomplete="off">

This way the browser will neither store nor ask to store any of the Yubi-OTPs.

jaark commented 5 years ago

Good points.

jaark commented 5 years ago

Code in master does this now.

Will release to app store after I've done some more testing on the changes.
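
A regression check for the markup change discussed in this issue, as an added example that is not part of the thread or the project's code: it parses a template's `<input>` tags and reports an OTP field that is still `type="password"` or that lacks `autocomplete="off"`. The function names and the "before" markup are assumptions made for illustration; the field name `response` and `maxlength="44"` come from the snippet in the issue.

```javascript
// Added example (not project code): lint a challenge template so the OTP
// field does not regress to a password-style input.

// Collect the attributes of every <input> tag in a template string.
// Simplification: attribute values are assumed not to contain '>'.
function parseInputs(html) {
  const inputs = [];
  const tagRe = /<input\b([^>]*)>/gi;
  const attrRe = /([^\s"'=<>\/]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  let tag;
  while ((tag = tagRe.exec(html)) !== null) {
    const attrs = {};
    let a;
    attrRe.lastIndex = 0;
    while ((a = attrRe.exec(tag[1])) !== null) {
      // Attribute names are case-insensitive in HTML; valueless attributes map to "".
      attrs[a[1].toLowerCase()] = a[2] ?? a[3] ?? a[4] ?? "";
    }
    inputs.push(attrs);
  }
  return inputs;
}

// Return a list of findings for the OTP field; an empty list means it passes.
function auditOtpField(html, fieldName = "response") {
  const field = parseInputs(html).find((i) => i.name === fieldName);
  if (!field) return [`no input named "${fieldName}"`];
  const findings = [];
  const type = (field.type || "text").toLowerCase(); // missing type defaults to text
  if (type === "password") {
    findings.push("type=password: browser offers to save the OTP as a password");
  }
  if ((field.autocomplete || "").toLowerCase() !== "off") {
    findings.push("autocomplete is not off");
  }
  if (field.maxlength !== "44") {
    findings.push("maxlength is not 44");
  }
  return findings;
}

// Constructed sample markup: an assumed password-style field, and the
// text field proposed in the issue.
const before = '<input type="password" name="response">';
const after = '<input type="text" maxlength="44" name="response" autocomplete="off">';

console.log(auditOtpField(before));
console.log(auditOtpField(after));
```
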