How do I disable autocomplete in the login form input fields?

Question

The Web server allows form based authentication without disabling the AutoComplete feature for the password field. 

Some security tests recommend autocomplete should be turned off for any input that takes sensitive information such as credit card number, CVV2/CVC code, U.S. social security number, etc. How do I do this?

Answer 1

You can disable password auto-complete by setting allowBrowserPasswordStorage to false in CompleteFTP's web-app customizations file.

To do this:

1. Open Windows File Explorer
2. Navigate to C:\ProgramData\Enterprise Distributed Technologies\Complete FTP\Include
3. If there isn't already a subdirectory named, Custom, then create one.
4. Change into C:\ProgramData\Enterprise Distributed Technologies\Complete FTP\Include\Custom
5. If there isn't already a file named customization.jss then create one.
6. Open customization.jss in a text editor (e.g. Windows NotePad or NotePad++)
7. Add the following line to the file:
   allowBrowserPasswordStorage = false;
8. Save the file
9. Try logging in again and verify that Passwords are no longer auto-completed.