如何禁用 IE11 中 HTML 密码字段的自动完成功能? [英] How to disable autocomplete for a HTML password field in IE11?
问题描述
IE11 放弃了对 >autocomplete=off for input type=password 在表单和元素级别.
IE11 dropped support for autocomplete=off for input type=password at both the form and element level.
有没有人找到在 IE11 下禁用自动完成的可行解决方案?
Has anybody found a working solution to disable autocomplete under IE11?
推荐答案
使用双因素身份验证解决安全问题会更好.攻击浏览器将 (a) 仅在短期内起作用(密码管理器越来越擅长处理这些类型的方法),并且 (b) 通常会导致可访问性问题,这可能会让您付出比您担心的更多的用户合法密码泄露.如果您在大型组织中工作,那么在您的浏览器黑客攻击方面有足够时间的辅助技术用户最终可能会提起诉讼.(我不是特别针对这个 hack,但一般来说,针对浏览器工作会伤害辅助技术)
You're much better off solving the problem of security with two-factor authentication. Hacking around the browser will (a) only work in the short-term (password managers are getting better at handling these kinds of approaches), and (b) often lead to accessibility issues, which can cost you a lot more users than your fear of legitimate password leakage. If you work in a large organization, users of assistive technology who have a tough enough time with your browser hacks can end up filing a lawsuit. (I am not speaking to this hack in particular, but generally speaking working against the browser hurts assistive technologies)
双因素身份验证,即使是一个草率的实现,只是要求诸如中间名之类的东西,然后设置一个 cookie(这个浏览器现在允许在一个月内不使用 2FA 访问"),使得随机黑客变得更加困难获得对帐户的未经授权的访问,并为用户(尤其是使用屏幕阅读器或其他辅助技术的用户)提供更好的服务.
Two-factor authentication, even a sloppy implementation that just asks for something like middle name, then sets a cookie ("this browser is now allowed access without 2FA for a month"), makes it immensely more difficult for a random hacker to gain unauthorized access to an account, and keeps things better off for the users, especially those using screen readers or other assistive technology.
另一方面,禁用密码管理器往往会导致密码易于输入,而不是强密码.使用 LastPass 或类似工具,我可以拥有一个我永远不希望记住的 24 个字符的密码(并且 LastPass 可能可以填写您试图用黑客保护的字段,仅供参考),以及每个站点的不同密码.当我有密码必须记住时,它们往往是用一个符号串在一起的两个词,例如Dogs+Knife".
Disabling password managers, on the other hand, tends to lead to easy-to-type passwords rather than strong passwords. Using LastPass or similar, I can have a 24-character password (and LastPass can probably fill in fields you're trying to protect with hacks, fyi) that I would never hope to remember, and a different password for each site. When I have passwords I have to remember, they tend to be two words strung together with a symbol, such as "Dogs+Knife".
这篇关于如何禁用 IE11 中 HTML 密码字段的自动完成功能?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
