I've red the bug discussion, but I don't understand it. Where's the safety in this, allowing autocomplete as default. Currently I'm working in a project where 2 factor authentication is introduced. So if username and password is simplified by autocomplete, it make 2FA weaker.