Financial sites such as banks frequently decide to disable password manager using the autocomplete="off" attribute. I'm not sure why they do this; it seems to me that it hurts security more than it helps:
Advantages of letting users save passwords:
Users are more likely to choose passwords that are hard to guess or brute-force rather than easy to remember and type. If the user encounters a phishing site, they're more likely to notice that something is wrong, since they're not used to having to enter their password.
Disadvantages of letting users save passwords:
A stolen laptop or a computer sold on eBay is more likely to contain a saved password.
0 comments, (660 reads) All Articles by, GentleGiant