Normally when you login to a website, you will notice that your Firefox or Chrome web browser will prompt you to remember or save the password. This is a very useful feature from web browser that offers the convenience of automatically logging in to websites without manually typing the username and password. Some users are concerned about the safeness in saving their password but they can rest assured that they will stay safe when it is encrypted with a master password.
You may have noticed that your web browser does not seem to ask you to save the password for certain websites such as PayPal, online banking websites like Citibank and etc. This is not due to a possible faulty password manager but rather that the login page containing a piece of code that is used as a standard to tell the web browser not to prompt the user to save the password for security reasons. Here is the HTML source code of the PayPal’s login webpage that has an autocomplete=”off” added to the password input box.
If you are looking for ways to bypass the autocomplete=off and force your web browser to save the password on all websites, here are a few workarounds.
1. Add-on Extension
Installing an extension is probably the easiest method because you do not need to manually hack any files. All you need to do is install this plugin called Remember Passwords and it works right out of the box without any configuration.
2. Greasemonkey User Script
If you already have Greasemonkey extension installed, you may as well install a user script called “Allow Password Remembering” rather than installing another plugin to do the job. Basically this user script removes the autocomplete=”off” from the HTML. Although this script is dated back in 2005, but it works perfectly on some of the websites that we have tested.
Using bookmarklet is great for people who prefers more control. This would mean that by default your web browser will still respect the autocomplete=off value but you can still force to save the password by clicking on the bookmarklet that you’ve added to the bookmark toolbar and then followed by logging in. We have tested it on PayPal and it works perfectly.
Do note that it is reported that the bookmarklet method is not that reliable and there are a few alternate versions available.
4. Hacking the omni.ja
For users that do not like to install 3rd party scripts or plugins or perhaps they already have tons of them installed, here is how you can manually disable the autocomplete=”off” in Firefox.
– First you need to use an archiver such as WinRAR, PowerArchiver, Bandizip that is able to open the omni.ja file found in the folder where Firefox is installed. (Normally it is at C:\Program Files\Mozilla Firefox). From the archiver, go to jsloader\resource\gre\components\ and delete the nsLoginManager.js file.
– Then still from the archiver, go to components folder and edit the nsLoginManager.js with a text editor such as Notepad++ that is able to handle unix-style line breaks.
– Search for _isAutoCompleteDisabled in the nsLoginManager.js file and delete the part that is highlighted in yellow. Save the changes and click on the yes button when the archiver prompts you to update the nsLoginManager.js with the modified version.
Alternatively, you can just download the modified omni.ja file from Firefox 21 that ignores the autocomplete=”off” for Windows or Mac OS X and replace it with the ones that is on your computer. As you can see from the screenshot below, Firefox prompts to remember the password in PayPal.
Editor’s Note: By using any of the 4 methods above to remove or ignore the autocomplete=off from the HTML source code, it would work on most traditional login webpages. However it will still not work for some websites that uses more complex methods to login, for example the new Hotmail/Outlook.com. So far we can confirm that LastPass, an excellent cloud based password manager is able to automatically login to Hotmail/Outlook.com.