Is it possible to prevent passwords from being auto-filled in the login pages for the NuGenesis web apps? - WKB203321

ENVIRONMENT

• NuGenesis 9
  • SDMS WebVision, SDMS Legacy Audit Trail Viewer, SDMS HelpDesk, SDMS New Audit Trail Viewer, LMS SampleShare
• NuGenesis 8
  • SDMS WebVision, SDMS Audit Trail Viewer, SDMS HelpDesk, LMS SampleShare

ANSWER

The best way to prevent browsers from auto-filling user credentials in a web form is to turn off the browser feature for remembering passwords; or, to disable this feature for the NuGenesis web servers. The HTML specification has an "autocomplete" attribute for HTML forms and input fields, and possible values for this attribute include "off" and "new-password". In theory, these settings should prevent a compliant web browser from remembering and auto-filling user passwords; however, in practice, the most common web browsers ignore this attribute if the password-management feature is enabled in the browser. The best practice is to use group policies to disable password management in Internet Explorer, Chrome, and Microsoft Edge for the NuGenesis web servers (and prevent users from removing the restriction).

ADDITIONAL INFORMATION

To disable password management in browsers individually (instructions are subject to change as the browsers change over time):

• Mozilla Firefox
  • Click the main menu > Settings.
  • Click Privacy & Security.
  • Scroll down to Logins and Passwords.
  • Clear "Ask to save logins and passwors for websites"; or, leave it active and click Exceptions to add exceptions for the NuGenesis web servers.
  • Clear "Autofill addresses".
  • Clear "Autofill credit cards".
• Microsoft Edge (and IE mode in Edge)
  • Click the main menu > Settings.
  • Click Profiles > Passwords.
  • Turn off "Offer to save passwords".
• Google Chrome
  • Click the main menu > Settings.
  • Click Profiles > Passwords.
  • Turn off "Offer to save passwords".