Re: Add autocomplete attribute to contrib.auth fields?

I wouldn't think such pentest tools are a major concern, as I'd guess not many users have to meet such requirements, and it would always be possible to subclass the forms and set autocomplete=off where appropriate. Also the referred mdn docs

Re: Add autocomplete attribute to contrib.auth fields?

I don’t have much to add other than it’s pretty common for pentests to flag autocomplete being enabled on sensitive fields (email/password) and recommend disabling it (autocomplete=off). While I’m not sure if I agree with that recommendation in some situations you have little choice but to follow i

Add autocomplete attribute to contrib.auth fields?

Browser support looks somewhat limited, so I wanted to ask if there are any concerns or drawbacks with adding autocomplete=username/email/current-password/new-password to contrib.auth's forms? Pull request: ​https://github.com/django/django/pull/9921 >From the ticket [https://code.djangopr