Feature Requests
Share ideas, discuss and vote on requests from other users in community

Avoid prefill of 2FA form token

Roberto Alvarado shared this idea 2 years ago
Under Consideration


If your using the 2FA addon in your whmcs (including in whmcs.com), you can see the 2FA token/code can be remembered or autofilled by your browser, there is not reason to remember a expired token and may be a security problem.

When you check the login.tpl the html form of the 2FA is on a variable "{$challengeHtml}", so you cant modify the form to add, for example, autocomplete="off" to it.

  1. <div class="text-center" align="center">



Please, add the autocomplete="off" or what need it to avoid the autofill of the token.