Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It will also ignore people who use browser's autofill form function. Realized this after receiving a dozen complaints.



You can randomly generate the "name" of the fields and autofill will never fill them, another option to disable autocomplete is to leave them without "name" and handling the submit using JavaScript.


Disabling autocomplete is user-hostile and additionally should be considered a security flaw. It makes it harder to use password managers.


You can disable a single input field from autocomplete

`autocomplete="off"`


'Autocomplete' doesn't work for Firefox (since version 38), Google Chrome (since 34), and Internet Explorer (since version 11

Huge pain


This totally works in latest Chrome/FF/Safari

https://codesandbox.io/s/static-jkvzs

https://jkvzs.codesandbox.io/

The other trick is to add a random string/number in from of the name attribute e.g. name="348349_name". This prevents autofill. Interestingly 1Password and LastPass are smart enough to infer that it's a name or email field.

For the honeypot, random number + word makes it ignored by autofill/1password


My mistake,

looked into it again and it seems Chrome enabled it again in Chrome 68: https://stackoverflow.com/questions/25823448/ng-form-and-aut...

Firefox had it disabled too but enabled it back again: https://developer.mozilla.org/en-US/docs/Web/Security/Securi...

And IE is just a cluster f.

My point being, Autocomplete off is not a valid solution as it can break at an updates notice, and the code hacks, while may work, are a pain to deal with


There are people who don't run Javascript.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: