[
https://issues.apache.org/jira/browse/OFBIZ-9471?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ritesh Kumar updated OFBIZ-9471:
--------------------------------
Description: The login and Forget password screens have password inputs. It
is a best practice to disable autocomplete on the password field as it will
avoid caching sensitive data on client site (CC numbers) and avoid storing the
password in an insecure and hackable client-site database. (was: The login and
Forget password screens have password inputs. It is a best practice to disable
autocomplete on the password field as it will avoid caching sensitive data on
client site (CC numbers) and avoid storing the password in an insecure and
hackable client-site database)
> Set autocomplete to off for all the password fields.
> ----------------------------------------------------
>
> Key: OFBIZ-9471
> URL: https://issues.apache.org/jira/browse/OFBIZ-9471
> Project: OFBiz
> Issue Type: Bug
> Components: framework
> Reporter: Ritesh Kumar
> Priority: Minor
> Attachments: OFBIZ-9471-FRAMEWORK.patch, OFBIZ-9471-PLUGIN.patch
>
>
> The login and Forget password screens have password inputs. It is a best
> practice to disable autocomplete on the password field as it will avoid
> caching sensitive data on client site (CC numbers) and avoid storing the
> password in an insecure and hackable client-site database.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
