8

I've noticed that a vendor's web application triggers Safari's "suggested password" feature at "create password" forms, but does not actually save this password when the form is submitted. That is, after submitting the form and logging back out again, Safari's iCloud Keychain will not include the newly created credentials in the autofill suggestions. (Other credentials from the same domain but different subdomain are presented, so Safari is clearly recognizing the field as a login.)

Similarly, creating a password manually (or logging in with it) is not triggering Safari to remember the password.

It occurs to me that the JavaScript involved in the forms' submissions are obfuscating the action and/or data in some way. What actions are Safari looking for when offering to save passwords?

Stephen Ostermiller
  • 99,822
  • 18
  • 143
  • 364
NReilingh
  • 143
  • 8

1 Answers1

1

Usually, I believe these systems (LastPass, Keychain, Browsers) recognise the requirement for saving fields dependent on your input field name.

As an example, my login forms seem to be compatible simply using two inputs. One a text input with name="username" as an attribute and one password input with name="password" as an attribute. Of course ensure that you also have an input or button with the type of submit.

As long as your code is reflected in such a way, I can't see any reason why it would not work.

Peter Bishop
  • 451
  • 2
  • 7