Avoid prefill of 2FA form token
-
Roberto Alvarado shared this idea 5 years ago
- Admin Area
- Post the first comment
1
Votes
Login to Vote
Hi,
If your using the 2FA addon in your whmcs (including in whmcs.com), you can see the 2FA token/code can be remembered or autofilled by your browser, there is not reason to remember a expired token and may be a security problem.
When you check the login.tpl the html form of the 2FA is on a variable "{$challengeHtml}", so you cant modify the form to add, for example, autocomplete="off" to it.
[co] <div class="text-center" align="center">
{$challengeHtml}
</div> [/co]
Please, add the autocomplete="off" or what need it to avoid the autofill of the token.
Thanks
Regards
If your using the 2FA addon in your whmcs (including in whmcs.com), you can see the 2FA token/code can be remembered or autofilled by your browser, there is not reason to remember a expired token and may be a security problem.
When you check the login.tpl the html form of the 2FA is on a variable "{$challengeHtml}", so you cant modify the form to add, for example, autocomplete="off" to it.
[co]
{$challengeHtml}
</div>
Please, add the autocomplete="off" or what need it to avoid the autofill of the token.
Thanks
Regards
Post the first comment
Login to post a comment.