I'm trying to improve user exprerience on my website and I noticed a rather annoying behavior on password fields :
If I type a password longer than 8 characters and somehow my form fails (some other field didn't validate), my password gets replaced by "********" in request.vars.password. For example : I try to login and misstype my username --> login form fails. I correct the mistake in the username and press the submit button again --> login still fails, because the password got replaced by '*********' under the hood. Another example: I try to register and type my password but mistyped my password verification (password_two) --> register form fails. I focus the password_two field and retype my password --> register still fails because the original password field got replaced... This behavior is extremely frustrating for users as they can't print request.vars.password like a developper would. All they see is obfuscated passwords. I cannot have this on my commercial website. Is there any way to fix this ? -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.