Daniel Micay on Twitter: "@DustinKirkland @googlechrome @kees_cook Since most web sites aren't marking up their forms this way, they gather information on forms across sites with telemetry and then distribute a bunch of generic and site-specific heuristics to cope with their forms: https://t.co/Y0W9NLhvMY That's the state of the web in 2022." / Twitter

Dear

, I never ever EVER want to save a 6-digit password. That's ALWAYS a one time passcode. Please regex that and disable the "do you want to update your password?" prompt. Kthxbye! CC

@kees_cook

3

9

Replying to

and

Web developers unfortunately don't spend a couple extra minutes marking up their forms correctly: html.spec.whatwg.org/multipage/form Chrome auto-completion largely relies on telemetry to gather data about forms across sites and implement heuristics to cope with them. It's pretty awful.

1

2

Replying to

Since most web sites aren't marking up their forms this way, they gather information on forms across sites with telemetry and then distribute a bunch of generic and site-specific heuristics to cope with their forms: google.com/chrome/privacy That's the state of the web in 2022.

google.com

Google Chrome Privacy Whitepaper

4:04 AM · Jun 16, 2022Twitter Web App

Replying to

The web site is likely using an id/name for the input field and/or form that's associated with passwords. They might explicitly set it as a password input. In my opinion, Chrome shouldn't have these heuristics and this should be for web sites to set up based on web standards...

1

Conversation