I've always considered this a bit of a security flaw. Using the javascript console you can show the password in plain text.
Eg: alert(document.getElementById('password').value); On 3 Aug 2015 21:13, "Thiago H de Paula Figueiredo" <thiag...@gmail.com> wrote: > On Mon, 03 Aug 2015 15:04:27 -0300, Christine <myli...@christine.nl> > wrote: > > I have a form with a password field. It gets pre-filled with a previously >> used password string. How can I prevent the browser and/or Tapestry from >> putting a value in the password field? >> > > This is actually done by the browser, not Tapestry, which never prefills > password fields. I believe you should add autocomplete="false" to your form > or password field. More information here: > https://developer.mozilla.org/en-US/docs/Web/Security/Securing_your_site/Turning_off_form_autocompletion > . > > -- > Thiago H. de Paula Figueiredo > Tapestry, Java and Hibernate consultant and developer > http://machina.com.br > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > >