You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@myfaces.apache.org by "Udo Schnurpfeil (JIRA)" <de...@myfaces.apache.org> on 2018/06/14 11:07:00 UTC

[jira] [Created] (TOBAGO-1904) Password fields shoudn't render it's value

Udo Schnurpfeil created TOBAGO-1904:
---------------------------------------

             Summary: Password fields shoudn't render it's value
                 Key: TOBAGO-1904
                 URL: https://issues.apache.org/jira/browse/TOBAGO-1904
             Project: MyFaces Tobago
          Issue Type: Improvement
          Components: Themes
            Reporter: Udo Schnurpfeil
            Assignee: Udo Schnurpfeil


Because of security reasons...
It's not a "high risk", but it will enhance the security. Some web security checker test this behaviour.

Disadvantage: If you have e.g. a registration form with password field, you have to retype the password (sometime in two fields), when there is some issue with the rest of the form (e.g. didn't fill a required field).
In such a case the page design might be better, typing the password in an extra step.
 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)