Some websites, in particular financial institutions, prevent the Firefox password manager from saving login information. This is to protect the users from unauthorized use of the service- and support for the feature was included in Firefox as a condition of the institution's support for the browser. However, many users find this behaviour annoying, and some even argue that it forces users to use passwords shared with other sites so that they will have less passwords to remember. In any case, being a client-side application, a web browser should give ultimate control of the application to the end user. As Mozilla developers refuse to add an override option to Firefox, I had been forced to find an alternative method. Note that I don't question the developer's intentions, especially after reading about 20 bug reports on the subject. I hope that the solution I present will satisfy the end user's need of an active password management feature, and yet still satisfy the Mozilla development communities commitment to the financial institutions. I am not associated with Mozilla in any way, other than the fact that I use Firefox and have filed a few bugs. This method will not work on websites who rotate the form field names. Don't let your financial institution know that!
Things you will need:
What you must do:
<html><body>at the beginning of the file and
</body></html>at the end.
autocomplete="off"from wherever it appears in the form. That's usually in the Form element itself and the Input elements for the username and password.
onsubmitattributes,
onchangeattributes, and the like. Check that the submit button doesn't have a
disabledattribute.
idand
valueattributes from form elements, with the exception of
optionelements inside
selectelements.
I'd love to hear about your success/ failures. Use my contact form, and send me any improvements to the method as you see them. I'll publish them here.
Update: Brian Carpenter recently let me know of a much easier way to actually enable the Firefox password manager for all websites, even those that request that the feature be disabled. In Firefox's nsLoginManager.js file, commonet out the following lines:
if (element && element.hasAttribute("autocomplete") && element.getAttribute("autocomplete").toLowerCase() == "off") return true;
The nsLoginManager.js file can be found in Firefox's "components" folder, which varies in location from system to system. On Linux, the command "locate nsLoginManager.js" will tell you right where it is. Thanks, Brian!
Disclaimer: Performing the steps outlined here will give anybody who users your computer (with or without your consent) access to your accounts. This includes people with physical access to your machine, as well as those who can access it remotely. Of course, this includes trojans and all forms of spyware. If you do use this method, then be sure that you use Firefox's Master Keyword feature, and make sure that your user account is secure. I don't recommend doing this on computers running Windows operating systems, as those systems are extremely vulnerable to spyware and other malicious software.
Date Revised: 2008-02-24
Date Revised: 2009-04-10