Browser support looks somewhat limited, so I wanted to ask if there are any concerns or drawbacks with adding autocomplete=username/email/current-password/new-password to contrib.auth's forms?
Pull request: https://github.com/django/django/pull/9921 >From the ticket [https://code.djangoproject.com/ticket/29379]: The most useful one is autocomplete=new-password, which prevents browsers prefill with current password, Chrome will also suggest a random strong password for users who turned on account sync. Related docs: https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#autofill https://www.chromium.org/developers/design-documents/form-styles-that-chromium-understands https://developer.mozilla.org/en-US/docs/Web/Security/Securing_your_site/Turning_off_form_autocompletion#The_autocomplete_attribute_and_login_fields -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to django-developers@googlegroups.com. Visit this group at https://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/d398c554-3fe2-4e0f-9deb-a61dabc4cbf3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
