Chrome is autofilling fields in IdP forms

Follow
    Applies to:
  • Legacy SecureAuth IdP
Deployment model:
  • On Premises
  • Version Affected:  All

    Description:  

    Chrome is autofilling fields in IdP, often this manifests as the users password showing in a Knowledge Based Answer field, e.g.:

    mceclip0.png

     

    Cause:  

    Chrome version 76 and higher do not properly supporting turning off autocomplete without keeping Autofill on.

    Chrome developers made a deliberate decision that the Autofill feature, which is separate from AutoComplete, will override autocomplete="off"

    https://developer.mozilla.org/en-US/docs/Web/Security/Securing_your_site/Turning_off_form_autocompletion

    https://bugs.chromium.org/p/chromium/issues/detail?id=468153

     

    SecureAuth has previously supplied a modified theme that turns off autocomplete for all input fields. But Chrome's Autofill feature is overriding that.

    Chrome is only allowing a way to turn off one or the other, Autofill or AutoComplete. There is currently no way to turn off both. 

     

    Resolution:  

    None

    Use one of the following workarounds:

    1. Use Incognito mode

    2. Use an alternative browser like Edge, IE or Firefox.

     

     

    SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.

    Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.

    0 out of 0 found this helpful

    Comments

    0 comments

    Please sign in to leave a comment.