Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Why does the password manager prompt on submit instead of on, and only on, successful response?

  • 1 reply
  • 1 has this problem
  • 9 views
  • Last reply by jayelbe

more options

I am comparing different browser-based password manager implementations.

I noticed that Firefox prompts to remember credentials when a form is submitted, but some other browsers, e.g., Google Chrome, wait until the server responds with a success status before prompting (and, if the server responds with an error status, then the browser does not prompt to remember the credentials).

I assume there are pros/cons to these different approaches, and I would like to better understand the trade-offs.

Right now, all I see is that it is possible—even likely—for a user to tell Firefox to remember an incorrect/invalid password—which seems like a downside to Firefox's approach.

Attached screenshots

Chosen solution

Hi Adam,

Excellent question!

It's actually quite difficult for Firefox to tell that a login has succeeded. From the browser's perspective, a login form has been submitted, the server has responded and a new page has loaded.

Actually drilling down into that new page to figure out whether the login was successful or not is a real challenge. There are many different techniques that a website might use to tell a user that a login was not successful, using different designs and different layouts, so it would be difficult to automatically detect an error.

It is on the Password Manager team's list as a possible feature improvement. I just don't think the developers have had the time to look at it yet!

Bw,


Josh

Read this answer in context 👍 1

All Replies (1)

more options

Chosen Solution

Hi Adam,

Excellent question!

It's actually quite difficult for Firefox to tell that a login has succeeded. From the browser's perspective, a login form has been submitted, the server has responded and a new page has loaded.

Actually drilling down into that new page to figure out whether the login was successful or not is a real challenge. There are many different techniques that a website might use to tell a user that a login was not successful, using different designs and different layouts, so it would be difficult to automatically detect an error.

It is on the Password Manager team's list as a possible feature improvement. I just don't think the developers have had the time to look at it yet!

Bw,


Josh