Don't disable the log in button when browser auto-populates the password

Question

Don't disable the log in button when browser auto-populates the password

Closed this issue 3 years ago · 3 comments

Describe the bug

A lot of times, a user may have a browser save their login credentials, and the moment they visit the /login page, the text fields are populated with login credentials automatically, but the login button stays disabled.

What is the expected behavior?

On page load, there should be an initial check of form validation to enable / disable the login button.

What are the steps to reproduce?

npx -p @pxblue/cli pxb new angular --name testauth --template=authentication --lint --prettier --language=typescript
Log in with "remember me" checked
When prompted by browser, save the password & credentials
Log out
If the browser pre-populates your credentials, you will observe that the login button is disabled

Screenshots or links to minimum reproduction example

Environment

MacOS Chrome

Answer 1 · 2021-07-08T12:04:48.000Z

This seems to be related to browser security policy...the change event is not fired until the user physically interacts with the page...this is to prevent password harvesting.

Answer 2 · 2021-07-08T12:05:30.000Z

There is a fair amount of discussion around this on the internet if you google for it

Answer 3 · 2021-12-28T17:29:07.000Z

As of right now, this is browser-intended security behavior. We can revisit in the future if this becomes more of an issue.