Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

10.13.4: restore old Autofill behavior for usernames and passwords

E

exi

macrumors 6502
Original poster
Oct 16, 2012
454
82
With this latest round of updates, I've noticed that 10.13.4 makes it such that specifying to autofill my password on saved sites is necessary when the page loads. Same on iOS 11.3.

Prior to 10.13.4 / iOS 11.3, usernames AND passwords would automatically populate on page load if saved and Safari was configured to do so, essentially saving a click or two.

Is there a way to restore that behavior (in either macOS or iOS)?

I've read that it is possible for malicious sites to obtain login credentials if they are in those fields even if the user doesn't click "submit" / "login" / etc, although I'm unfamiliar with how that might work and am not sure if it would be a significant risk with my use case. Have looked but haven't seen how/if possible.

Thanks in advance.
 
  • Like
Reactions: TheMountainLife
exi said:
With this latest round of updates, I've noticed that 10.13.4 makes it such that specifying to autofill my password on saved sites is necessary when the page loads. Same on iOS 11.3.

Prior to 10.13.4 / iOS 11.3, usernames AND passwords would automatically populate on page load if saved and Safari was configured to do so, essentially saving a click or two.

Is there a way to restore that behavior (in either macOS or iOS)?

I've read that it is possible for malicious sites to obtain login credentials if they are in those fields even if the user doesn't click "submit" / "login" / etc, although I'm unfamiliar with how that might work and am not sure if it would be a significant risk with my use case. Have looked but haven't seen how/if possible.

Thanks in advance.
Click to expand...

The risk is simply from using auto fill to fill out passwords, the attack can reveal passwords for any site for which credentials are stored, not just the one you’re currently visiting. Anyone who uses Safari in this way is affected and at risk, I wouldn’t change it back, even if you found a way.
 
Last edited:
CaTOAGU said:
The risk is simply from using auto fill to fill out passwords, the attack can reveal passwords for any site for which credentials are stored, not just the one you’re currently visiting. Anyone who uses Safari in this way is affected and at risk, I wouldn’t change it back, even if you found a way.
Click to expand...

Interesting. I'm usually pretty good on keeping up with such things, but that's something in terms of the breadth of vulnerability -- have a link you could share on how this works technically? News to me.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back