55
edits
The autocomplete attribute and web documents using XHTML: Difference between revisions
Jump to navigation
Jump to search
The autocomplete attribute and web documents using XHTML (view source)
Revision as of 18:35, 5 August 2006
, 5 August 2006→Security
| Line 86: | Line 86: | ||
=== Security === | === Security === | ||
1. You could try educating your users in the dangers of public and unsecured machines, and in how to use their browser's autocompletion functionality selectively. Unfortunately, your users are unlikely to have the same interest in the subject that you have -- until their identity is compromised. | 1. You could try educating your users in the dangers of public and unsecured machines, and in how to use their browser's autocompletion functionality selectively. In particular, warn them of the dangers even from from acquaintances and family, who are the perpetrators in around 11% of UK identify fraud ([http://www.cifas.org.uk/reports_what_about_the_victim.asp CIFAS Research: Identify Fraud -- What About the Victim?]). Unfortunately, your users are unlikely to have the same interest in the subject that you have -- until their identity is compromised. Even if they're interested, the majority of internet users are a poor match for more technically sophisticated crooks. This, ultimately, is a serious practical flaw in the argument advanced by Lachlan Hunt and others that site authors have no "right" to restrict web client's use of autocompletion. | ||
2. Instead of an <code>autocomplete</code> attribute, consider using a [http://en.wikipedia.org/wiki/Nonce nonce (Wikipedia)]. | 2. Instead of an <code>autocomplete</code> attribute, consider using a [http://en.wikipedia.org/wiki/Nonce nonce (Wikipedia)]. | ||
| Line 105: | Line 105: | ||
Here "dLafr5aCo0pH7eyo" is a value generated randomly server-side for each request of the form. On submission, the server simply reads the value of the field named "dLafr5aCo0pH7eyo" into "my_sensitive_data". While form data will be remembered by the browser, it will never be used for autocompletion because the name of the relevant field is different each time. This method has the advantage of being fully compatible with the W3C's HTML and XHTML specification and it does protect the user from their sensitive data simply appearing in fields when someone else uses their computer. However, it obviously offers no protection against someone able to read their stored personal data. | Here "dLafr5aCo0pH7eyo" is a value generated randomly server-side for each request of the form. On submission, the server simply reads the value of the field named "dLafr5aCo0pH7eyo" into "my_sensitive_data". While form data will be remembered by the browser, it will never be used for autocompletion because the name of the relevant field is different each time. This method has the advantage of being fully compatible with the W3C's HTML and XHTML specification and it does protect the user from their sensitive data simply appearing in fields when someone else uses their computer. However, it obviously offers no protection against someone able to read their stored personal data. | ||
3. Consider | 3. Consider using a two-factor system including a one-shot password, as with [http://en.wikipedia.org/wiki/TAN_(banking) TAN (Wikipedia)], which might be distributed via a list, SMS, or a custom hardware device like [http://www.securecomputing.com/index.cfm?skey=21 SafeWord]. Be aware that to some extent this merely converts an electronic security problem into a physical one, and that some users will run a mile when faced with the need for yet another gadget. | ||
=== JavaScript autocompletion === | === JavaScript autocompletion === | ||