[jroblak]

You've completely missed the point of the comment.

Your parent was describing a system where an Administrator edits other users' data. If that Administrator is using Chrome while editing a user, then there is no way to disable autocomplete, and the browser may fill the user's form fields with the Administrator's information resulting in bad data.

[iamdave]

I read "edit users profiles" to mean their Chrome profile, so my mistake in misreading that.

(That said though, doesn't Autocomplete in chrome only work if you select the text in the drop down and hit enter/tab? For an address field, for example if you type "123" and the box appears to select "123 Maple Street", can't you just bypass that entirely by continuing to type and not clicking on the suggestion?)

[wmil]

If you allow it to remember your login credentials it will autofill any input that it thinks is a login / password.

That leads to some random behaviour.

[takeda]

Chrome copied many features from Opera (the old Opera) I'm still surprised why they decided not to copy Wand (by default the browser does not populate any fields unless you click on the wand button or use keyboard shortcut).

This works so much better than the behavior other browsers use.

[Hondor]

What's more of a surprise is that there's a browser that has such a clumsy sounding feature as this "wand". Only power users are going to bother clicking a button just to help them fill in a form, or even know that's what the button does in the first place. That kind of manually activated feature seems to be completely against Chrome's style of minimalist UI, and for good reason, it will be one more confusing button for 90% of users to look at every day and be reminded that computers are complicated.

I wouldn't bother trying to work out some weird button, I'd just manually type my details again and again into every form and feel annoyed that the browser isn't remembering them like other browsers do.

[thwarted]

Only power users are going to bother clicking a button just to help them fill in a form, or even know that's what the button does in the first place.

This is an interesting observation. I never used the "wand" function in Opera because, partly, it's named in such a way as to not appeal to power users at all. The name "wand" says "do something magically". Agreed that "wand" doesn't indicate what it does, which is another reason to shy away from it. It's such a generic term as to be useless. Literally anything could be behind the "magic" operation.

[takeda]

I don't care about name, just the functionality. It could be called Secure Login, Autocomplete or other things. As long as it works correctly.

Another thing I forgot to mention which is quite important. It works well when your password store is encrypted. It allows browser to ask you for your master password when you are trying to log in to the page, not when you happen to visit page that password is stored. This makes feasible to use configuration where the password is forgotten either immediatelly or after few minutes. Having encrypted password store in FF or Chrome and not storing the password all the time in memory is essentially unusable.

[takeda]

Well I typically used Ctrl+Enter and it filled the forms, if it was a login prompt it automatically logged me in.

Not sure about the newbie argument, yes it might be like that in the beginning, but you won't stay newbie forever you learn things. Also I'm not buying the minimalist argument, Chrome currently is one of biggest resource hogs among browsers.

Anyway at least provide option to enable such behavior. On Firefox I use Secure Login extension to emulate that, but it doesn't work as well as Wand did.

[iamdave]

That leads to some random behaviour.

Elaborate? What is the impact of this random behavior for the-in the case of the analogy before us-an administrator? Doesn't Chrome's autocomplete, in the case of credentials know which credential belongs to what password?

If an admin goes to log into gmail on an end user machine, and enters his email address, why would the user's password pop into the password field?

I'm afraid I don't understand your counterpoint.

[grey-area]

The admin visits a page to edit a normal user on their website, which contains fields like email/password etc for that other user.

Chrome autocompletes the admin user's password and email in the form fields without user interaction. There was no mechanism to tell chrome not to do this if autocomplete=off is ignored, but you can set autocomplete to an arbitrary value (say =nope not =off as in spec) and it will not autocomplete.

I've seen this on real sites and had users complain about it, it is a very real issue, and unfortunately not all admin users are savvy enough to turn off autocomplete in just one instance, when they use it all the time elsewhere (even on the same website). It's nice if the website can somehow fix this by saying they really don't want autocomplete on a form to edit other users.

Personally I think the browser should give the user control, but autocomplete should not be the default if the website requests it to be off, it should be available on right click or with some easily accessible option. This should satisfy everyone and avoid situations like the one described above where the user sees arbitrary and incorrect values being filled in a form which is not related to their user and is not a login form.

[iamdave]

Let me ask a quick question because after reading your post I think a lightning bolt just struck my brain, and I went and read other comments:

Have I been confusing autocomplete with auto-fill this whole time? Autofill where, let's say you shop on a site often, and you fill out one form field, select a saved entry and the rest of the form fills out?

[dragonwriter]

> That leads to some random behaviour.

Mostly on sites that both have traditional login forms and use forms where other fields are mis-identified as password fields.

[phil21]

So don't use autocomplete? I still don't understand your point.

It's not like leaving it on you are forced to use it. The client still has the choice. By turning it off you are removing choice.

If your Administrator is too stupid to stop messing up and using autocomplete where it's not appropriate, then I think the correct action here is a pink slip.

I generally agree you should try to keep users from shooting themselves in the foot, but not at the cost of hamstringing users who may want to use things differently.

[grey-area]

autocomplete in chrome fills in the forms without user interaction, the user doesn't get the choice, they can only wipe the fields afterwards if they happen to notice.

[jroblak]

Yeah, fair, but it would be a better user experience if they didn't even have the option. This directly contradicts Google's position. You're statement is basically: Comment: User error Closed: Won't Fix