Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Jira is populating user names in login page

HI Everyone,

 

We have recently upgraded our Jira from 7.12 to 8.13 and one of the security vulnerability needs to be fixed. please share your knowledge to resolve the same

 

when we place cursor on username field it is automatically showing username below. which needs to be prevented.

 

Thank you in advance.

snip attached for community.PNG 

1 answer

2 votes
Daniel Eads Atlassian Team May 19, 2021

Hi @vivekrao_k ,

This looks like the browser is remembering previous values entered into the form, rather than something Jira is trying to autocomplete server-side. My suggestion would be to clear or disable the autofill feature in the browser. Here's an article describing how to do this for the most popular browsers on both Mac and Windows.

Cheers,
Daniel

HI @Daniel Eads 

Thank you for the response, but for the previous versions of Jira(7.12) and confluence (6.12) , had seen this login population was disabled by editing of login.vm in confluence and login.jsp in Jira, if you have any idea regarding what value needs to be changed to solve this issue.. but in latest version Jira 8.13 and confluence 7.14 i am doing the same changes but it is not reflecting.

your suggestion would be appreciated.

Daniel Eads Atlassian Team May 20, 2021

Hi @vivekrao_k ,

Browsers have not supported this consistently for a while. According to the Mozilla developer docs: 

Modern browsers implement integrated password management: when the user enters a username and password for a site, the browser offers to remember it for the user. When the user visits the site again, the browser autofills the login fields with the stored values.

Additionally, the browser enables the user to choose a master password that the browser will use to encrypt stored login details.

Even without a master password, in-browser password management is generally seen as a net gain for security. Since users do not have to remember passwords that the browser stores for them, they are able to choose stronger passwords than they would otherwise.

For this reason, many modern browsers do not support autocomplete="off" for login fields:

  • If a site sets autocomplete="off" for a <form>, and the form includes username and password input fields, then the browser still offers to remember this login, and if the user agrees, the browser will autofill those fields the next time the user visits the page.
  • If a site sets autocomplete="off" for username and password <input> fields, then the browser still offers to remember this login, and if the user agrees, the browser will autofill those fields the next time the user visits the page.

This is the behavior in Firefox (since version 38), Google Chrome (since 34), and Internet Explorer (since version 11).

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Asked in Atlassian Account

Upcoming AMA with the Atlassian Identity Product Managers!

"Atlassian Account" is a space where you can raise questions about your Atlassian Account and your identity across all of our Atlassian Cloud Products. This involves understanding User Managemen...

1,157 views 8 17
View question

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you