Autocomplete should be set to off for LostPassword Questions
People report that they are afraid to use public terminals to signup with CAcert, as autocompletition might be enabled for the webforms.
Same can happen if people let someone access his/her CAcert account using their own browser: CAcert LP Answers are shown.
Where people might like this function, at least for LP questions it should be deactivated (maybe for the whole registration process), as this is security related. For login passphrase it may stay active, as webbrowsers normally ask before saving a password to their store.
Comments
Set to Open (2005-07-01)