I have been searching for a problem for days bu I couldn’t find the solution and I decided to ask.
I am “internet banking” developer. Our internet banking is “.NET C# MVC application”. My country’s banking authority says “On internet banking login pages, browsers must never show "Save Password" dialog box and “user name & password” must definitely not be saved.”
Our password field in login.cshtml is :
@Html.PasswordFor(m => m.Password, new { autocomplete = "off", autoCompleteType = "disable", autocorrect = "off" })
This banking rule is valid for years. At first, we had used “autocomplete = "off"” It was OK but then browsers started to ignore that.
Then I put an invisible password input field before the real password input and browsers focused on this invisible field and “Save Password” dialog box hasn’t shown. It was OK for several years but browsers are smart and they always find and destroy these tricks. It doesn’t work now.
I searched Stackoverflow’s all related questions and the most efficient solution for me is making {autocomplete = "one-time-code"}
This is OK for Chrome, IE and Edge but not working for Firefox. Firefox always shows “Save Password” dialog box. I couldn’t find solution for Firefox. I know there are hundreds of browsers including mobile but this 4 browsers are OK for me.
How could I force Firefox not to show “Save Password” dialog box for Html.PasswordFor input?
PS: It is OK for me to chang the "PasswordFor" field to "TextBoxFor" field and after every key pressed to that field, I could make the entered letter to "bullet" or "star" character not to be seen but I don't know how to do that. I can get help about that issue also..
Thanks & Regards
