Hi!
New to the site, and found that autofill was apparently "off". Up to now the only site I had to deal with that blocked autofill was my bank, and I figured I could remember one more password.
While I suppose the “autocomplete=off” gimmick might increase security for Windows users, the opposite is true for a secure OS like MacOS X. Use of this flag is actually a security risk for the Mac user, because it encourages users to use weak passwords, or to save them on disk as a plaintext file, or to use the same password for multiple sites. Passwords are far more secure sitting encrypted in the Mac’s Keychain (which Safari uses to store this kind of information). If you don’t have to remember and type in the password manually, you are far more likely to use a strong, unique, password.
There are Windows apps that perform a similar function as the Mac's Keychain, that is, they are encrypted password databases. I think it would be smarter to encourage the use of apps like this, than to sorta force a behavior on users, especially if it doesn't really fit everybody. It's a kind of dumbing-down, isn't it?
Anyway, I just wanted to put that out there because I'm seeing more sites that aren't banking or financial sites, using this flag, and for users like me, it's a drag.
New to the site, and found that autofill was apparently "off". Up to now the only site I had to deal with that blocked autofill was my bank, and I figured I could remember one more password.
While I suppose the “autocomplete=off” gimmick might increase security for Windows users, the opposite is true for a secure OS like MacOS X. Use of this flag is actually a security risk for the Mac user, because it encourages users to use weak passwords, or to save them on disk as a plaintext file, or to use the same password for multiple sites. Passwords are far more secure sitting encrypted in the Mac’s Keychain (which Safari uses to store this kind of information). If you don’t have to remember and type in the password manually, you are far more likely to use a strong, unique, password.
There are Windows apps that perform a similar function as the Mac's Keychain, that is, they are encrypted password databases. I think it would be smarter to encourage the use of apps like this, than to sorta force a behavior on users, especially if it doesn't really fit everybody. It's a kind of dumbing-down, isn't it?
Anyway, I just wanted to put that out there because I'm seeing more sites that aren't banking or financial sites, using this flag, and for users like me, it's a drag.
