Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

[Login Security] Password 'Show' button reveals auto-complete password

Scurvs
Just Moved In

‎05-28-2018 08:08 AM

Environment:

Windows 10.0
Javascript enabled
Cookies enabled
Browser size 2481 x 1374

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36

 

Steps to reproduce issue:

  1. Access MyAccount. If signed-in already, be sure to sign out and perform this step again.
  2. Sign-in, and allow the browser's password keeper to remember the sign-in details.
  3. Sign-out, and access MyAccount. The browser's password keeper should have input the username and password already.
  4. Click the "Show" button in the password field of the login form.

Expected result:

The auto-complete password should remain masked, the field should be cleared when the "Show" button is clicked, or the button should be disabled when the password field is being completed by an auto-complete function.

 

Actual result:
The auto-complete password is revealed in clear-text.

0 Kudos
Reply
1 REPLY 1

Nighthawk
Community Power User
Community Power User

‎05-28-2018 10:24 AM

I'd never use any browser's built in password saving features. Too risky.

 

The challenge you'll find is that different browsers handle autofill differently. What may work on one, may not work on another. Deleting the contents of the password field when Show password is clicked defeats the purpose of the button. One big reason I can think of that the button is there is that users are given 5 chances maximum before their account is locked and a call to Telus would have to be made to unlock it.


If you find a post useful, please give the author a "Like" or mark as an accepted solution if it solves your trouble. 🙂
0 Kudos
Reply
Copyright © 2021 Khoros, LLC
To help us improve this website, we'd love to hear your feedback.
SupportSupport
Find a store Find a store
Contact usContact us
We acknowledge that our work spans many Territories and Treaty areas and that our head office is located on the unceded territories of the xʷməθkʷəy̓əm (Musqueam), Sḵwx̱wú7mesh (Squamish) and Sel̓íl̓witulh (Tsleil-Waututh) Nations. We are grateful for the traditional Knowledge Keepers and Elders who are with us today, those who have gone before us and the youth that inspire us. We recognize the land as an act of Reconciliation, as recommended by the Truth and Reconciliation Commission’s (TRC) 94 Calls to Action and gratitude to those whose territory we reside on, work on or are visiting. Learn more about TELUS’ commitments to Reconciliation.
About Us AccessibilityCareersMediaPoliciesTELUS Service Status
SupportContact Us NeighbourhoodFind a store User TermsService Terms Order Status
TELUS & CRTC Internet CodeInternet Code, SimplifiedTELUS & CRTC Wireless CodeWireless Code, SimplifiedPrivacy / CookiesSecurity
TELUS Digital TELUS International TELUS ProcurementTELUS WebmailTELUS Wise
We acknowledge that our work spans many Territories and Treaty areas and that our head office is located on the unceded territories of the xʷməθkʷəy̓əm (Musqueam), Sḵwx̱wú7mesh (Squamish) and Sel̓íl̓witulh (Tsleil-Waututh) Nations. We are grateful for the traditional Knowledge Keepers and Elders who are with us today, those who have gone before us and the youth that inspire us. We recognize the land as an act of Reconciliation, as recommended by the Truth and Reconciliation Commission’s (TRC) 94 Calls to Action and gratitude to those whose territory we reside on, work on or are visiting. Learn more about TELUS’ commitments to Reconciliation.
TELUS Logo©2021 TELUS