ChatGPT解决这个技术问题 Extra ChatGPT

Disabling Chrome Autofill

This question's answers are a community effort. Edit existing answers to improve this post. It is not currently accepting new answers or interactions.

I have been running into issues with the chrome autofill behavior on several forms.

The fields in the form all have very common and accurate names, such as "email", "name", or "password", and they also have autocomplete="off" set.

The autocomplete flag has successfully disabled the autocomplete behavior, where a dropdown of values appear as you start typing, but has not changed the values that Chrome auto-populates the fields as.

This behavior would be ok except that chrome is filling the inputs incorrectly, for example filling the phone input with an email address. Customers have complained about this, so it's verified to be happening in multiple cases, and not as some some sort of result to something that I've done locally on my machine.

The only current solution I can think of is to dynamically generate custom input names and then extract the values on the backend, but this seems like a pretty hacky way around this issue. Are there any tags or quirks that change the autofill behavior that could be used to fix this?

It's not a duplicate. This one handles disabling the autofill, that one handles styling the autofill color ...
autocomplete="false" instead of autocomplete="off" as per Kaszoni Ferencz answer, get voting for it people.
Look at the number of answers to this question - it should tell you something: you're fighting a losing battle. This is no longer a Chrome issue, Firefox and others have been following suit. Like it or not, you need to accept the decision of the browser industry, that form auto-complete is the user's choice - you can fight them, but you will lose. At the end of the day, the question you should be asking is not, how can I subvert auto-complete, but rather, how do I create forms that work well with auto-complete. Your concerns about security are not yours to worry about, but the users.
Sorry, but @mindplay.dk's response is counter-productive. My situation is I have users who have logged into my site and a page on the site is for them to enter account/pwd information for other systems. When I put up a diaog for them to enter a new one, their logon info for my site gets filled in, which is completely wrong and will cause problems if/when users inadvertently enter that information in. The two have nothing whatever to do with each other. In this case the browser is doing something counter to what the user wants.
@mindplay.dk - My web application is a workflow management application for the workplace, so, no, the concerns about security are mine to worry about, as mandated by top management and must be adhered to by all employees, aka "the users." However asking them to set Chrome, IE, or any other browser themselves is going to leave gaps in the authentication process, since they can, intentionally or not, wind up using the autofill. ANot all web applications are of the same type, with the same kinds of users or concerns.

M
Matt K

Apr 2022: autocomplete="off" still does not work in Chrome, and I don't believe it ever has after looking through the Chromium bugs related to the issue (maybe only for password fields). I see issues reported in 2014 that were closed as "WontFix", and issues still open and under discussion [1][2]. From what I gather the Chromium team doesn't believe there is a valid use case for autocomplete="off".

Overall, I still believe that neither of the extreme strategies ("always honor autocomplete=off" and "never honor autocomplete=off") are good.

https://bugs.chromium.org/p/chromium/issues/detail?id=914451#c66

They are under the impression that websites won't use this correctly and have decided not to apply it, suggesting the following advice:

In cases where you want to disable autofill, our suggestion is to utilize the autocomplete attribute to give semantic meaning to your fields. If we encounter an autocomplete attribute that we don't recognize, we won't try and fill it. As an example, if you have an address input field in your CRM tool that you don't want Chrome to Autofill, you can give it semantic meaning that makes sense relative to what you're asking for: e.g. autocomplete="new-user-street-address". If Chrome encounters that, it won't try and autofill the field.

https://bugs.chromium.org/p/chromium/issues/detail?id=587466#c10

Although this "suggestion" currently works for me it may not always hold true and it looks like the team is running experiments, meaning the autocomplete functionality could change in new releases.

It's silly that we have to resort to this, but the only sure way is to try and confuse the browser as much as possible:

Name your inputs without leaking any information to the browser, i.e. id="field1" instead of id="country".

Set autocomplete="do-not-autofill", basically use any value that won't let the browser recognize it as an autofillable field.

Jan 2021: autocomplete="off" does work as expected now (tested on Chrome 88 macOS).

For this to work be sure to have your input tag within a Form tag

Sept 2020: autocomplete="chrome-off" disables Chrome autofill.

Original answer, 2015:

For new Chrome versions you can just put autocomplete="new-password" in your password field and that's it. I've checked it, works fine.

Got that tip from Chrome developer in this discussion: https://bugs.chromium.org/p/chromium/issues/detail?id=370363#c7

P.S. Note that Chrome will attempt to infer autofill behavior from name, id and any text content it can get surrounding the field including labels and arbitrary text nodes. If there is a autocomplete token like street-address in context, Chrome will autofill that as such. The heuristic can be quite confusing as it sometimes only trigger if there are additional fields in the form, or not if there are too few fields in the form. Also note that autocomplete="no" will appear to work but autocomplete="off" will not for historical reasons. autocomplete="no" is you telling the browser that this field should be auto completed as a field called "no". If you generate unique random autocomplete names you disable auto complete.

If your users have visited bad forms their autofill information may be corrupt. Having them manually go in and fix their autofill information in Chrome may be a necessary action from them to take.


'new-password' worked for me after trying 'off' and 'false'
This is the only working fix now. False, and off, do not work anymore. Should be the correct answer now.
Not working as of 1.13.2018 Version 63.0.3239.132 (Official Build) (64-bit)
I just wanted to say.. After stumbling across this issue.. Chrome is a real piece of work. So now we must jump through hoops to disable functionality that was supposed to remain optional. In what world would address autofill be needed in a business application where the address is new / different every time. Google is becoming just as bad as Microsoft.
In Chrome 91 on Windows I have not been able to get Chrome to stop auto filling, Neither autocomplete="off" nor autocomplete="chrome-off" worked
L
Lee Taylor

I've just found that if you have a remembered username and password for a site, the current version of Chrome will autofill your username/email address into the field before any type=password field. It does not care what the field is called - just assumes the field before password is going to be your username.

Old Solution

Just use <form autocomplete="off"> and it prevents the password prefilling as well as any kind of heuristic filling of fields based on assumptions a browser may make (which are often wrong). As opposed to using <input autocomplete="off"> which seems to be pretty much ignored by the password autofill (in Chrome that is, Firefox does obey it).

Updated Solution

Chrome now ignores <form autocomplete="off">. Therefore my original workaround (which I had deleted) is now all the rage.

Simply create a couple of fields and make them hidden with "display:none". Example:

<!-- fake fields are a workaround for chrome autofill getting the wrong fields -->
<input style="display: none" type="text" name="fakeusernameremembered" />
<input style="display: none" type="password" name="fakepasswordremembered" />

Then put your real fields underneath.

Remember to add the comment or other people on your team will wonder what you are doing!

Update March 2016

Just tested with latest Chrome - all good. This is a fairly old answer now but I want to just mention that our team has been using it for years now on dozens of projects. It still works great despite a few comments below. There are no problems with accessibility because the fields are display:none meaning they don't get focus. As I mentioned you need to put them before your real fields.

If you are using javascript to modify your form, there is an extra trick you will need. Show the fake fields while you are manipulating the form and then hide them again a millisecond later.

Example code using jQuery (assuming you give your fake fields a class):

$(".fake-autofill-fields").show();
// some DOM manipulation/ajax here
window.setTimeout(function () {
  $(".fake-autofill-fields").hide();
}, 1);

Update July 2018

My solution no longer works so well since Chrome's anti-usability experts have been hard at work. But they've thrown us a bone in the form of:

<input type="password" name="whatever" autocomplete="new-password" />

This works and mostly solves the problem.

However, it does not work when you don't have a password field but only an email address. That can also be difficult to get it to stop going yellow and prefilling. The fake fields solution can be used to fix this.

In fact you sometimes need to drop in two lots of fake fields, and try them in different places. For example, I already had fake fields at the beginning of my form, but Chrome recently started prefilling my 'Email' field again - so then I doubled down and put in more fake fields just before the 'Email' field, and that fixed it. Removing either the first or second lot of the fields reverts to incorrect overzealous autofill.

Update Mar 2020

It is not clear if and when this solution still works. It appears to still work sometimes but not all the time.

In the comments below you will find a few hints. One just added by @anilyeni may be worth some more investigation:

As I noticed, autocomplete="off" works on Chrome 80, if there are fewer than three elements in <form>. I don't know what is the logic or where the related documentation about it.

Also this one from @dubrox may be relevant, although I have not tested it:

thanks a lot for the trick, but please update the answer, as display:none; doesn't work anymore, but position: fixed;top:-100px;left:-100px; width:5px; does :)

Update APRIL 2020

Special value for chrome for this attribute is doing the job: (tested on input - but not by me) autocomplete="chrome-off"


This used to work fine, I used it too, but since a Chrome upgrade some time ago (between then and May 5th), Chrome ignores the form property :(
Google took the decision in (Chrome v34 I think) to make it policy to ALWAYS now ignore autocomplete="off", including form level directives ... that would be fine if it actually got the damn fields right.
try autocomplete="false" not autocomplete="off"
This attribute is also required: autocomplete="I told you I wanted this off, Google. But you would not listen."
chrome-off worked for me in Chrome 81. Also - how is everyone doing? I've had 2 kids since I first came to this question. Stay healthy!
r
rmcsharry

After months and months of struggle, I have found that the solution is a lot simpler than you could imagine:

Instead of autocomplete="off" use autocomplete="false" ;)

As simple as that, and it works like a charm in Google Chrome as well!

August 2019 update (credit to @JonEdiger in comments)

Note: lots of info online says the browsers now treat autocomplete='false' to be the same as autocomplete='off'. At least as of right this minute, it is preventing autocomplete for those three browsers.

Set it at form level and then for the inputs you want it off, set to some non-valid value like 'none':

<form autocomplete="off"> 
  <input type="text" id="lastName" autocomplete="none"/> 
  <input type="text" id="firstName" autocomplete="none"/>
</form>

Worked for me! But there is one important remark: I have 5 fields in my web page: Name, Address, Zip code, Phone and Email. When I included autocomplete='false' on the Form and on the Name field, it still worked. However, when I included the autocomplete='false' also on the Address field, it finnally stopped autofilling them! So, you need to put the autocomplete property not on the login or name field, but on the following fields too! (Worked on Chrome 43.0.2357.81 as of 2015-05-27)
IF THIS DOES NOT WORK FOR YOU: Keep in mind that there are 2 ways Chrome "helps" users. AUTOCOMPLETE will prompt based on previous submission in the same form filed and will affect people who are using the form more than once. Autocomplete is disabled with autocomplete="off". AUTOFILL will prompt based on the address book from previously filled out similar forms on other pages. It will also highlight the fields it is changing. Autofill can be disabled with autocomplete="false".
This doesn't work for me (Version 43.0.2357.124 m). This was probably an oversight by Google, which has now been resolved. They seem to be thinking "the user is always right" in that they want to autofill everything. The problem is, my registration form saves the user data just like the login form does, which is most definitely not what the user wants...
YEP It works in Chrome 43.0.2357!! this behaviour in Chrome is so annoying, and this workaround took me a while to figure out. Thanks for your answer.
doesnt work with Chrome 44.0.2403.157. How can this feature work and not work with different versions. It is ridiculous
C
Cœur

Sometimes even autocomplete=off won't prevent filling in credentials into wrong fields.

A workaround is to disable browser autofill using readonly-mode and set writable on focus:

 <input type="password" readonly onfocus="this.removeAttribute('readonly');"/>

The focus event occurs at mouse clicks and tabbing through fields.

Update:

Mobile Safari sets cursor in the field, but does not show virtual keyboard. This new workaround works like before, but handles virtual keyboard:

<input id="email" readonly type="email" onfocus="if (this.hasAttribute('readonly')) {
    this.removeAttribute('readonly');
    // fix for mobile safari to show virtual keyboard
    this.blur();    this.focus();  }" />

Live Demo https://jsfiddle.net/danielsuess/n0scguv6/

// UpdateEnd

Explanation: Browser auto fills credentials to wrong text field?

filling the inputs incorrectly, for example filling the phone input with an email address

Sometimes I notice this strange behavior on Chrome and Safari, when there are password fields in the same form. I guess, the browser looks for a password field to insert your saved credentials. Then it autofills username into the nearest textlike-input field , that appears prior the password field in DOM (just guessing due to observation). As the browser is the last instance and you can not control it,

This readonly-fix above worked for me.


what a great fix :) you should replace jquery with this: this.removeAttribute("class")
@Clint: My code snippet above removes the readonly attribute as soon as the user enters the field (per mouse click or tab key). I guess, you refer to a field, which is auto fill protected, but not touched by the user. What is this field purpose - and does it really need to be protected? Depending on the scenario, removing all readonly attributes on submit may be an option. Can you add a more specific comment on your issue? Maybe I can help you out :)
If you're using JavaScript. why not just set the value to dummy and then remove the value again? Adding and removing readonly sounds like a hazardous move - what if the browser doesn't want you to focus on it?
This is misleading though, as the field has a grey background indicating to the user that it is disabled (which it is) and shows the banned cursor when hovering over it. Only when the user clicks it, which they wouldn't normally do since the styles tell them not, does it actually start working. It may work, but is counter intuitive IMO and bad UX. I suppose you could add styles to address this though.
Apparently google is trying to make decisions for all of us here, they closed the ticket regarding autocomplete="off": bugs.chromium.org/p/chromium/issues/detail?id=468153. But there is another ticket opened for collecting valid user cases for disabling autofill, please reply this ticket to raise more awareness of this issue here: bugs.chromium.org/p/chromium/issues/detail?id=587466
d
dana

If you are implementing a search box feature, try setting the type attribute to search as follows:

<input type="search" autocomplete="off" />

This is working for me on Chrome v48 and appears to be legitimate markup:

https://www.w3.org/wiki/HTML/Elements/input/search


Yes! :) Thank you! This works in Chrome 67.0.3396.99. (I think your link should be: w3.org/wiki/HTML/Elements/input/search as of September 2018).
Finally! still works Version 69.0.3497.100 (Official Build) (64-bit) This should be the real answer!
everybody is right and wrong and the same time you should write autocomplete="off" inside the tag
instead on input and this will stop the autofill behavior
Also works if you set autocomplete="off" on the form (to change that default form-wide) and then just need to set type="search" on the
After Chrome version 72.XX, this fix does not work. Find the lastest fixe here stackoverflow.com/a/55045439/1161998
P
Pang

I don't know why, but this helped and worked for me.

<input type="password" name="pwd" autocomplete="new-password">

I have no idea why, but autocomplete="new-password" disables autofill. It worked in latest 49.0.2623.112 chrome version.


Updated my chrome, and still it does work for me. 50.0.2661.87 (64bit)
Unfortunately, when submitting the form (or when the input fields are hidden/removed), Chrome then asks to save the changed login.
Works in Version 51.0.2704.79 m
holy f*** why this works? is that a bug? because i tested it here and place it only in one input and worked for both input login and password, but i put it only in the password
Only answer that still actually works at the moment.
a
arun

Try this. I know the question is somewhat old, but this is a different approach for the problem.

I also noticed the issue comes just above the password field.

I tried both the methods like

<form autocomplete="off"> and <input autocomplete="off"> but none of them worked for me.

So I fixed it using the snippet below - just added another text field just above the password type field and made it display:none.

Something like this:

<input type="text" name="prevent_autofill" id="prevent_autofill" value="" style="display:none;" />
<input type="password" name="password_fake" id="password_fake" value="" style="display:none;" />
<input type="password" name="password" id="password" value="" />

Hope it will help someone.


This one worked for me (for now). I have found that I have used about a half dozen different hacks over time, and after a while Chrome decides it wants to defeat that hack. So a new one is needed, such as this one. In my application, I have a profile update form with email and password fields that are to be left blank unless the user wants to make changes. But when Chrome autofills, it puts the userid in the "email confirmation" field, resulting in all kinds of error conditions, that lead to further error conditions, as the user flounders about trying to do the right thing.
A quick explanation as to why this hack works (for now): Chrome sees the first type=password input and autofills it and it assumes that the field directly before this MUST be the userhame field, and autofills that field with the username. @JeffreySimon this should explain the phenomenon of userid in email confirmation field (I was seeing the same thing on my form).
@kentcdodds - not sure what you mean about no longer working. Your jsbin does not have a password field so is a different situation. I've been using this solution for years and most recently I noticed it was needed and it worked for me just last week (March 2015).
Hooray! A solution that seems to work! I would advise giving the field the name password and having actual_password for the legitimate field, as Google now seem to be looking at the name. However, this means Chrome won't then save the password, which is the functionality I actually want. AAAAARRRRGHH!
Update: This continues to work over a year since the last time I implemented it. We may have a solid winner here.
K
Kuf

For me, simple

<form autocomplete="off" role="presentation">

Did it.

Tested on multiple versions, last try was on 56.0.2924.87


@ArnoldRoa version added, it's been on our site since the day I've posted it and had few versions where it worked fine. which version are you using? PC/Mac?
@Dummy I tested it now on chrome latest (57) and it's still working for me. Did you do anything special with the input fields? cap you put your code somewhere I could try to reproduce?
Version 64.0.3282.186 (Official Build) (64-bit) Windows. 2018-03-01 NOT WORKING for disabling autofill.
Pretty sure this removes the form / input from assistive technologies w3c.github.io/using-aria/#ariapresentation
this is the only working thing in chrome 88 at Mac at the moment.
H
Hitesh Kalwani

You have to add this attribute :

autocomplete="new-password"

Source Link : Full Article


Do you have any sources how to figure this out?
Works, but is not semantic as can be used on username and other fields.
F
Fareed Alnamrouti

It is so simple and tricky :)

google chrome basically search for every first visible password element inside the <form>, <body> and <iframe> tags to enable auto refill for them, so to disable this you need to add a dummy password element as the following:

if your password element inside a tag you need to put the dummy element as the first element in your form immediately after open tag if your password element not inside a tag put the dummy element as the first element in your html page immediately after open tag You need to hide the dummy element without using css display:none so basically use the following as a dummy password element.


Great work, how did you find out the algorithm of Chrome? I just found out that my old method changing the value with JS after the page has been loaded with a setTimeout timer doesn't work anymore. But this works perfect!
Unfortunately, does not work for regular TextBox inputs.
actually it is working just set the name property ;)
On Chrome 58 this does not work. Use width:1px. If the password field is completely hidden, then Chrome autofills it normally. Also z-index:-999 could be useful so it does not overlap any content.
Works on Chrome 67.0 on angular html component <form *ngIf="!loggedIn()" #loginForm="ngForm" class="navbar-form navbar-right" (ngSubmit)="login()"><input type="password" style="width: 0;height: 0; visibility: hidden;position:absolute;left:0;top:0;"/><input type="text" #username="ngModel" placeholder="Username" class="form-control" required autocomplete="off" name="username" [(ngModel)]="model.username"><input type="password" #password="ngModel" placeholder="Password" class="form-control" required autocomplete="off" name="password" [(ngModel)]="model.password">...
r
rybo111

Here are my proposed solutions, since Google are insisting on overriding every work-around that people seem to make.

Option 1 - select all text on click

Set the values of the inputs to an example for your user (e.g. your@email.com), or the label of the field (e.g. Email) and add a class called focus-select to your inputs:

<input type="text" name="email" class="focus-select" value="your@email.com">
<input type="password" name="password" class="focus-select" value="password">

And here's the jQuery:

$(document).on('click', '.focus-select', function(){
  $(this).select();
});

I really can't see Chrome ever messing with values. That'd be crazy. So hopefully this is a safe solution.

Option 2 - set the email value to a space, then delete it

Assuming you have two inputs, such as email and password, set the value of the email field to " " (a space) and add the attribute/value autocomplete="off", then clear this with JavaScript. You can leave the password value empty.

If the user doesn't have JavaScript for some reason, ensure you trim their input server-side (you probably should be anyway), in case they don't delete the space.

Here's the jQuery:

$(document).ready(function() {
  setTimeout(function(){
    $('[autocomplete=off]').val('');
  }, 15);
});

I set a timeout to 15 because 5 seemed to work occasionally in my tests, so trebling this number seems like a safe bet.

Failing to set the initial value to a space results in Chrome leaving the input as yellow, as if it has auto-filled it.

Option 3 - hidden inputs

Put this at the beginning of the form:

<!-- Avoid Chrome autofill -->
<input name="email" class="hide">

CSS:

.hide{ display:none; }

Ensure you keep the HTML note so that your other developers don't delete it! Also ensure the name of the hidden input is relevant.


@Vaia - have you tried navigating to another page and then pressing the back button? I get mixed results - it may need tweaking.
I haven't tried option 1 if you mean that. Also I just needed to disable the autofill on an ajax-loaded modal that won't be called with the back button. But if there will be other results, I'll tell you. @rybo111
@Vaia I meant option 2 - please reply here if you encounter any problems. Thanks.
S
Stiffels

Use css text-security: disc without using type=password.

html

<input type='text' name='user' autocomplete='off' />
<input type='text' name='pass' autocomplete='off' class='secure' />

or

<form autocomplete='off'>
    <input type='text' name='user' />
    <input type='text' name='pass' class='secure' />
</form>

css

input.secure {
    text-security: disc;
    -webkit-text-security: disc;
}

best approach I found so far! well, at least for Chrome 64 :/
For my purposes this is perfect, thank you! Chrome doesn't autofill or autocomplete it, doesn't offer to save it, and not only is it obscured from view but also from the clipboard - I copied what I'd typed and pasted it into notepad and just got "•••••••••••". Brilliant!
"text-security" is not a valid css property as of october 2020
S
Shoaib Khan

Previously entered values cached by chrome is displayed as dropdown select list.This can be disabled by autocomplete=off , explicitly saved address in advanced settings of chrome gives autofill popup when an address field gets focus.This can be disabled by autocomplete="false".But it will allow chrome to display cached values in dropdown.

On an input html field following will switch off both.

Role="presentation" & autocomplete="off"

While selecting input fields for address autofill Chrome ignores those input fields which don't have preceding label html element.

To ensure chrome parser ignores an input field for autofill address popup a hidden button or image control can be added between label and textbox. This will break chrome parsing sequence of label -input pair creation for autofill. Checkboxes are ignored while parsing for address fields

Chrome also considers "for" attribute on label element. It can be used to break parsing sequence of chrome.


I love you. The only solution on this page that actually works.
This worked for me but only tested on Chrome.
i tried autocomplete="off" alone doesnt work, after adding role="presentation" along that, makes it work
D
Denis Brezhitskiy

In some cases, the browser will keep suggesting autocompletion values even if the autocomplete attribute is set to off. This unexpected behavior can be quite puzzling for developers. The trick to really forcing the no-autocompletion is to assign a random string to the attribute, for example:

autocomplete="nope"

RE: 'unexpected behavior' This behavior is pushed by Google who believes it knows better than developers how every single page should work. Sometimes I just want a raw password input, zero frills.
this combination FINALLY worked for me: role="presentation" autocomplete="nope" tested on Chrome Version 64.0.3282.186 (Official Build) (64-bit). What a nightmare!
The random string works for chrome but not firefox. For completeness I use both "autocomplete='off-no-complete'" and set the readonly attribute with an onfocus="this.readOnly=false". My app is an enterprise appliation that users use to input thousands of addresses, so the use-case to control this is real - I can also guarantee the use of Javascript, so at least I've got that going for me
R
Rob Jensen

I've found that adding this to a form prevents Chrome from using Autofill.

<div style="display: none;">
    <input type="text" id="PreventChromeAutocomplete" name="PreventChromeAutocomplete" autocomplete="address-level4" />
</div>

Found here. https://code.google.com/p/chromium/issues/detail?id=468153#hc41

Really disappointing that Chrome has decided that it knows better than the developer about when to Autocomplete. Has a real Microsoft feel to it.


It's not really the fact that you say PreventChromeAutocomplete. I was able to get autocomplete to work by saying autocomplete="off" and name="somename". But this only works if you name two different inputs the same name. So in your case PreventChromeAutocomplete must have been applied to two different inputs. Very strange...
A
Avindu Hewa
<input readonly onfocus="this.removeAttribute('readonly');" type="text">

adding readonly attribute to the tag along with the onfocus event removing it fixes the issue


f
falsarella

For username password combos this is an easy issue to resolve. Chrome heuristics looks for the pattern:

<input type="text">

followed by:

<input type="password">

Simply break this process by invalidating this:

<input type="text">
<input type="text" onfocus="this.type='password'">

Unfortunately, this applies to more than just username/password type things. Chrome will look at the placeholder text to infer what to suggest. For example: jsbin.com/jacizu/2/edit
It is valid that you will still be able to fill the fields with browser suggestions as your example demonstrates, so this doesn't really address the OPs issue. This solution, just prevents the browser from "automatically" populating username and passwords combos as in the example by the top answer. This may be of use to some, but is not an end-all solution to just disabling autocomplete, that will have to come from Google.
Although, if you add a space in front of your placeholder text it will disable the auto-suggest based on placeholder too. Definitely a hack, although no more so than the other suggestions. jsbin.com/pujasu/1/edit
actually... it seemed to work for your example, but for some reason it's not working for me :-(
Ha! That's why it's called a hack... Do you have an example you can share where it's not working?
M
Mike

In 2016 Google Chrome started ignoring autocomplete=off though it is in W3C. The answer they posted:

The tricky part here is that somewhere along the journey of the web autocomplete=off become a default for many form fields, without any real thought being given as to whether or not that was good for users. This doesn't mean there aren't very valid cases where you don't want the browser autofilling data (e.g. on CRM systems), but by and large, we see those as the minority cases. And as a result, we started ignoring autocomplete=off for Chrome Autofill data.

Which essentially says: we know better what a user wants.

They opened another bug to post valid use cases when autocomplete=off is required

I haven't seen issues connected with autocomplete throught all my B2B application but only with input of a password type.

Autofill steps in if there's any password field on the screen even a hidden one. To break this logic you can put each password field into it's own form if it doesn't break your own page logic.

<input type=name >

<form>
    <input type=password >
</form>

Since your answer is the most recent one, could you please add that adding autocomplete="pineapple" or some other gibberish also seems to fix the problem? At least, it did on my end!
@DouwedeHaan this is fine until the form gets saved, then autocomplete will provide recommendations for saved 'pineapple' field. But maybe using a random hash for autocomplete value for example would get round this?
@digout I agree. A good example would be to use the UUID for this kind of stuff. Just make sure that the string is unique!
revolve my problem with autocomplete="pineapple" ahah!! The dumbest workaround of my life :D Thx a lot! :D
m
mccainz

Mike Nelsons provided solution did not work for me in Chrome 50.0.2661.102 m. Simply adding an input element of the same type with display:none set no longer disables the native browser auto-complete. It is now necessary to duplicate the name attribute of the input field you wish to disable auto-complete on.

Also, to avoid having the input field duplicated when they are within a form element you should place a disabled on the element which is not displayed. This will prevent that element from being submitted as part of the form action.

<input name="dpart" disabled="disabled" type="password" style="display:none;">
<input name="dpart" type="password">
<input type="submit">

As for June of 2016 and Chrome 51.0.2704.106 m this is the only working solution over here
But will the form select the right (visible) input field you need then? Because it's the same name.
@Vaia, adding the disabled attribute to the duplicate element will prevent it from being submitted.
C
Chris Pratt

There's two pieces to this. Chrome and other browsers will remember previously entered values for field names, and provide an autocomplete list to the user based on that (notably, password type inputs are never remembered in this way, for fairly obvious reasons). You can add autocomplete="off" to prevent this on things like your email field.

However, you then have password fillers. Most browsers have their own built-in implementations and there's also many third-party utilities that provide this functionality. This, you can't stop. This is the user making their own choice to save this information to be automatically filled in later, and is completely outside the scope and sphere of influence of your application.


The first part of this answer doesn't doesn't appear to be true anymore: Chrome Bug
I'm not sure what you're on about. That "bug" is just a placeholder for Chromium to collect people's use cases for autocomplete="off". It's possible the intent is to remove it, but that's not ever explicitly stated, and there's certainly nothing requiring that mental leap. They may just be wanting to consider alternate or better ways to treat it. Regardless, it's still part of the spec, and again, no indication that it will be leaving the spec either. And, it still works in all browsers as far as I'm aware, including Chrome.
We have a couple of cases where autocomplete="off" is not being respected by Chrome.
1. A couple of anecdotal cases does not amount to evidence. 2. As I said in my answer, form filling extensions and the like may not and often do not respect this. Ultimately, like all things, it's up to the client, and therefore the user. All you can do is suggest that it should not be autofilled.
R
Ryan Grush

If you're having issues with keeping placeholders but disabling the chrome autofill I found this workaround.

Problem

HTML

<div class="form">
    <input type="text" placeholder="name"><br>
    <input type="text" placeholder="email"><br>
    <input type="text" placeholder="street"><br>
</div>

http://jsfiddle.net/xmbvwfs6/1/

The above example still produces the autofill problem, but if you use the required="required" and some CSS you can replicate the placeholders and Chrome won't pick up the tags.

Solution

HTML

<div class="form">
    <input type="text" required="required">
    <label>Name</label>  
    <br>
    <input type="text" required="required">
    <label>Email</label>    
    <br>
    <input type="text" required="required">
    <label>Street</label>    
    <br>
</div>

CSS

input {
    margin-bottom: 10px;
    width: 200px;
    height: 20px;
    padding: 0 10px;
    font-size: 14px;
}
input + label {
    position: relative;
    left: -216px;
    color: #999;
    font-size: 14px;
}
input:invalid + label { 
    display: inline-block; 
}
input:valid + label { 
    display: none; 
}

http://jsfiddle.net/mwshpx1o/1/


This is the only solution that actually works. I really don't like it, but that's the crummy state we're in right now :-(
As of 2017, this one still works fine. It just needs this script to force input focus if the user clicks on the "fake" placeholder : $("label").on("click",function(){ $(this).prev().focus(); }); Note that the label cannot be before the input... Chrome finds it! Nice creative solution! +1
M
MZaragoza

I really did not like making hidden fields, I think that making it like that will get really confusing really fast.

On the input fields that you want to stop from auto complete this will work. Make the fields read only and on focus remove that attribute like this

<input readonly onfocus="this.removeAttribute('readonly');" type="text">

what this does is you first have to remove the read only attribute by selecting the field and at that time most-likely you will populated with your own user input and stooping the autofill to take over


Unfortunately, this no longer works :-( jsbin.com/sobise/edit?html,css,output
D
Dr. Gianluigi Zane Zanettini

As per Chromium bug report #352347 Chrome no longer respects autocomplete="off|false|anythingelse", neither on forms nor on inputs.

The only solution that worked for me was to add a dummy password field:

<input type="password" class="hidden" />
<input type="password" />

M
MagicSux

Well since we all have this problem I invested some time to write a working jQuery extension for this issue. Google has to follow html markup, not we follow Google

(function ($) {

"use strict";

$.fn.autoCompleteFix = function(opt) {
    var ro = 'readonly', settings = $.extend({
        attribute : 'autocomplete',
        trigger : {
            disable : ["off"],
            enable : ["on"]
        },
        focus : function() {
            $(this).removeAttr(ro);
        },
        force : false
    }, opt);

    $(this).each(function(i, el) {
        el = $(el);

        if(el.is('form')) {
            var force = (-1 !== $.inArray(el.attr(settings.attribute), settings.trigger.disable))
            el.find('input').autoCompleteFix({force:force});
        } else {
            var disabled = -1 !== $.inArray(el.attr(settings.attribute), settings.trigger.disable);
            var enabled = -1 !== $.inArray(el.attr(settings.attribute), settings.trigger.enable);
            if (settings.force && !enabled || disabled)
                el.attr(ro, ro).focus(settings.focus).val("");
        }
    });
};
})(jQuery);

Just add this to a file like /js/jquery.extends.js and include it past jQuery. Apply it to each form elements on load of the document like this:

$(function() {
    $('form').autoCompleteFix();
});

jsfiddle with tests


A
Abela

Try the following jQuery code which has worked for me.

if ($.browser.webkit) {
    $('input[name="password"]').attr('autocomplete', 'off');
    $('input[name="email"]').attr('autocomplete', 'off');
}

awesome awesome solutions
You can just add autocomplete="off" to the input field instead of using jquery. And by the way, this does not work. Chrome password suggestions are still showing up.
h
hyper_st8

Here's a dirty hack -

You have your element here (adding the disabled attribute):

<input type="text" name="test" id="test" disabled="disabled" />

And then at the bottom of your webpage put some JavaScript:

<script>
    setTimeout(function(){
        document.getElementById('test').removeAttribute("disabled");
        },100);
</script>

This is a good solution, if you don't mind Javascript. I found Chrome still adds a password after clicking around the page a bit, so i re-enabled the field in an onmouseover event listener.
M
Michael.

Different solution, webkit based. As mentioned already, anytime Chrome finds a password field it autocompletes the email. AFAIK, this is regardless of autocomplete = [whatever].

To circumvent this change the input type to text and apply the webkit security font in whatever form you want.

.secure-font{
-webkit-text-security:disc;}

<input type ="text" class="secure-font">

From what I can see this is at least as secure as input type=password, it's copy and paste secure. However it is vulnerable by removing the style which will remove asterisks, of course input type = password can easily be changed to input type = text in the console to reveal any autofilled passwords so it's much the same really.


Thank you! This is the only thing that works in chrome 49. Previous methods broke as chrome seems to fill all inputs with type="password" now.
m
mumair

By setting autocomplete to off should work here I have an example which is used by google in search page. I found this from inspect element.

https://i.stack.imgur.com/NLvNh.png

edit: In case off isn't working then try false or nofill. In my case it is working with chrome version 48.0


e
eug

I've finally found success using a textarea. For a password field there's an event handler that replaces each character typed with a "•".


T
Thuong

I've faced same problem. And here is the solution for disable auto-fill user name & password on Chrome (just tested with Chrome only)

    <!-- Just add this hidden field before password as a charmed solution to prevent auto-fill of browser on remembered password -->
    <input type="tel" hidden />
    <input type="password" ng-minlength="8" ng-maxlength="30" ng-model="user.password" name="password" class="form-control" required placeholder="Input password">

strange fix but somehow that's the only thing that works for me on chrome 48 :)