Autofill

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Autofill is a function found in some computer applications or programs, typically those containing forms, which prefills a field automatically and can save a user time.

A web browser's autofill feature is used to fill out forms with previously entered values, or a predetermined value. This feature is commonly used to fill in login credentials.

Description[edit]

Autofill is frequently found in web browsers, used to fill in web forms automatically. When a user inputs data into a form and subsequently submits it, the web browser will often save the form's contents by default.[citation needed]

However, when a password field is detected, the web browser will typically ask the user for explicit confirmation before saving the password in its password store, often secured with a built-in password manager to allow the use of a "master password" before credentials can be autofilled.[1]

Most of the time, such as in Internet Explorer and Google Toolbar, the entries depend on the form field's name, so as to not enter street names in a last name field or vice versa. For this use, proposed names for such form fields, in earlier HTML 5 specifications this RFC is no longer referenced, thus leaving the selection of names up to each browser's implementation.

Certain web browsers such as Opera automatically autofill credit card information and addresses.[2]

In HTML[edit]

An individual webpage may enable or disable browser autofill by default. This is done in HTML with the autocomplete attribute in a <form> element or its corresponding form elements.

<!-- Autocomplete turned off by default -->
<form autocomplete="off">

  <!-- This form element has autocomplete turned on -->
  <input name="username" autocomplete="on">

  <!-- While this one inherits its parent form's value -->
  <input name="password" type="password">
</form>

Phishing[edit]

It has been shown that the autofill feature of modern browsers can be exploited in a phishing attack with the use of hidden form fields, which allows personal information such as the user's phone number to be collected.[3]

See also[edit]

References[edit]

  1. ^ "Password Manager - Remember, delete and edit logins and passwords in Firefox". Firefox Support.
  2. ^ "Autofill: What web devs should know, but don't". Cloud Four.
  3. ^ "Browser Autofill Profiles Can Be Abused for Phishing Attacks". Bleeping Computer.

External links[edit]