“Always on” password autocompletion in Firefox

A handy feature in most web browsers is the ability to remember usernames and passwords for sites you visit often, so you don’t have to keep typing them in – the browser just fills it in for you. Some sites don’t like you doing this, however. If the input tag of the password field contains the attribute autocomplete=”off”, that’s an instruction to the browser not to allow this handy feature for that field, so you have to type in the password by hand every time.

This is arguably quite a good idea, and reduces the chance that a user in an internet cafe will thoughtlessly click “remember” and partially open up their bank account to the next customer. There are some interesting thoughts on the topic here, but that’s not what this post is about.

What this post is about: the intranet at work is one of these security-minded sites that disables autocomplete, which is really really annoying (they also have a brain-dead policy on password expiration, but that’s another story). At certain times of year I have to use this site a lot – it forgets you’re logged in between sessions, and I find myself repeatedly typing the password.

Well, no more. Have I moved to Opera, which ignores autocomplete=”off” altogether? No, of course not – I’ve found a Firefox extension which does the job for me.

Introducing ketjap, which can apparently do a number of quite funky things but which in particular can rewrite tag attributes arbitrarily using a set of prevalue/postvalue rules. So I defined I rule which acts on input tags, on their autocomplete attribute, turning a prevalue of off into a postvalue of on. Et viola, it works. The next time I visited our intranet and entered my username/password, firefox offered to remember the password for me, and I gratefully agreed to its welcome proposal.

Actually, I was a little confused at first, because I looked at the page source, expecting ketjap to have changed that, but that’s not what happens – it seems it alters firefox’s interpretation of the source on the fly, leaving the source untouched. Neato in extremis.

Now I invite members of the public to point out the page in Firefox’s preferences where I could have just ticked a box to make this happen. ;-)

2 Responses to ““Always on” password autocompletion in Firefox”

  1. Dave
    April 25th, 2006 | 2:30 pm

    If you highlight the form and select ‘View Selection Source’ from the context menu, that should show you the HTML that was actually rendered rather than the HTML retrieved from the server.
    PS – Looks like your spam filter failed :)

  2. April 25th, 2006 | 5:34 pm

    Nice one Dave. I didn’t know about that feature and you’re right, it does. :-)

    As for the comment spam, yeah – until very recently all of my comment spam has been directed at old posts and MT-Blacklist caught it. More recently it’s showing up on newer posts, which have a less aggressive filtering policy. If it becomes an issue I guess I’ll have to tighten that up, probably meaning legitimate comments don’t appear automatically, which would be a shame.

    I need to upgrade my MT installation anyway – or maybe just move to hobix, though I don’t know what the commenting/spam filtering is like there…