Don't autofill in password fields our heuristics identify as new-password fields
Categories
(Toolkit :: Password Manager, enhancement, P3)
Tracking
()
People
(Reporter: MattN, Unassigned)
References
Details
(Whiteboard: [passwords:fill-ui] [passwords:generation])
In bug 1119063 we stopped autofilling in autocomplete=new-password
and in bug 1595244 we will start using other heuristics to determine if a field expects a new password, rather than a saved one but bug 1595244 won't stop us from autofilling a saved password into a field expecting a new one. This is partly because we are trying to use Fathom for that bug and there are performance concerns about using Fathom on page load but also to reduce the scope of that work. That means that currently we may autofill a saved login into a field that we will offer password generation on once the field is cleared by the user. The user can always force password generation without clearing the field using the context menu.
If we can get Fathom performance acceptable on page load then we can stop autofilling existing logins in these fields.
Updated•2 years ago
|
Description
•