Open cmaudoux opened 1 year ago
I am not very enthusiast of using a text input field.
The best practice is to use the autocomplete property with "new-password" value, see https://developer.mozilla.org/en-US/docs/Web/Security/Securing_your_site/Turning_off_form_autocompletion
The latest workaround does not seem to work either. Postponing this issue as the browser behavior is quite hard to trick.
@cmaudoux I found this solution: https://github.com/ltb-project/service-desk/pull/83/commits/cc34eac134f64ca808a442b56f470023da3a63fb
Works for me on Chrome and Firefox
Need to work more on the code to add a configuration option to switch from a standard password field to a text field with hidden characters.
Admin reset user's password.
Browser proposes to store new password.
Maybe use text input type text instead of input type password and obfuscate by using JS.