Use case: Prohibited password managers

[johnwilander]

This issue is intended to capture various cases of prohibited password managers and a discussion on how to support those with IsLoggedIn. They fall into the category of "unmanaged login flows," meaning the browser is explicitly kept out of managing the user's credentials.

The below use case is from WebKit/explainers#32.

FDA
Don't quote me on this part, but I want to at least mention it. I work in a company where some web properties are FDA relevant. One particular rule of FDA concerns password entry. If you'd take the most careful interpretation of that rule, conclusion is that password management tools are disallowed. The user has to type the password themselves.

This could actually be the wrong interpretation of the rule, I don't know, not an expert. But yes, this means the escape hatch may be needed. And preferably one without a new code change, because of compat reasons.

I dug up the relevant section:
Link