terraframe / geoprism-registry

GeoPrism Registry is a system for curating interlinked data through time. It's the first framework implementing the Common Geo-Registry specification.
https://geoprismregistry.com/
GNU Lesser General Public License v3.0
19 stars 5 forks source link

At login, the password is not automatically cleared after a failed login #227

Open SteeveEbener opened 4 years ago

SteeveEbener commented 4 years ago

List the CGR version information

Describe the bug (clear and concise) The password field is not automatically cleared after a failed login (security issue)

To Reproduce As any role:

  1. Enter a wrong username but the correct password
  2. Close the login fail error message
  3. Adjust the username without modifying the password
  4. Click the login button
  5. See error: you can login without having to re-enter the password

Expected behavior (clear and concise) The password field is cleared after a failed login

Screenshots

Desktop (please complete the following information):

Additional context (if any)

justinlewis commented 4 years ago

This is functionality of the users browser. There is a way we can try to prevent this but may remove more browser functionality for field value assist than the user wants.

I'm going to put this on low priority because it's largely an affect of the end users environment.