[Info-vax] OT: Autocomplete username/password

Stephen Hoffman seaohveh at hoffmanlabs.invalid
Mon May 18 09:46:16 EDT 2015


On 2015-05-18 10:23:30 +0000, pieter.spoelstra at portavita.nl said:

> We try to disable autocomplete by generating unique field names each 
> time the login screen is called. But doesn't disable password storage 
> in the browser itself. That's why we implementing 2FA.

It would likely be better to directly discuss this with the Mozilla 
folks, rather than with the OpenVMS folks here in comp.os.vms.  There 
are more than a few existing 2FA implementations around — OpenVMS even 
has latent support for adding 2FA — but if you're going to get tangled 
by a web browser change here, your 2FA design is probably going to need 
some work.  If you _are_ implementing this for OpenVMS, then it'd 
typically be via loginout callouts or (more likely) the ACME interface. 
 IIRC, there are some discussions of smart cards around.  Alas, most 
OpenVMS systems lack USB or Bluetooth capabilities — newer systems do 
have USB — so various fobs are not going to be easily accessible from a 
mid- or older-vintage OpenVMS system.


-- 
Pure Personal Opinion | HoffmanLabs LLC




More information about the Info-vax mailing list