Why is every top-level comment equating autocomplete with the ability to paste a password? Those are two explicitly different use cases, and one should not affect the other.
I don't want my password fields autocompleting; that sounds like an absolute usability nightmare. Conversely, I don't think browsers should even be able to stop me from pasting whatever I damn well please into a password field.
As to the other sentiments expressed here and in the main issue thread, I don't really disagree with Google's stance on autocomplete in regular form fields. I only really care about being able to remove invalid autocomplete entries that I may have mistakenly entered in the past (without simply deleting every entry).
> I don't want my password fields autocompleting; that sounds like an absolute usability nightmare.
Why? The usability is really good. This feature is invaluable if you use unique random passwords for every web site. Security has to be painless in order to work. If it's not, people will go back to using the same weak password for every site.
Letting web developers tell the browser what fields it should autofill is a fine idea. Unfortunately, they decided to use this power to turn off people's password managers for bullshit "security reasons". This is why we can't have nice things.
I don't want my password fields autocompleting; that sounds like an absolute usability nightmare. Conversely, I don't think browsers should even be able to stop me from pasting whatever I damn well please into a password field.
As to the other sentiments expressed here and in the main issue thread, I don't really disagree with Google's stance on autocomplete in regular form fields. I only really care about being able to remove invalid autocomplete entries that I may have mistakenly entered in the past (without simply deleting every entry).