Hi my site failed a PCI compliance check because of the autofill behaviour on the CB login module / menu.
How can i override this behaviour? Or is there a configuration setting or joomla plugin?
Thanks for any pointers
I'm not sure how a PCI compliance check would fail due to a login modules autofill. I've never heard of such a requirement. Sounds like your site was checked with some buggy AI tool?
The post you linked is in regards to backend user edit where we already have autofill turned off. Same for frontend profile edit. Autofill in the login module is intentional and is exactly where autofill should be used. Login module autofill can't be turned off without using a Joomla template override of the modules layout and adding that yourself.
Kyle (Krileon) Community Builder Team Member Before posting on forums:
Read FAQ thoroughly
+
Read our Documentation
+
Search the forums CB links:
Documentation
-
Localization
-
CB Quickstart
-
CB Paid Subscriptions
-
Add-Ons
-
Forge
-- If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
-- If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please
send me a private message
with your thread and will reply when possible!
-- Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
-- My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Only solution I can offer then is Joomla template layout for your login module and change autocomplete="username" and autocomplete="password" to autocomplete="off". I still don't see what this has to do with PCI compliance though I'd question whoever told you this and push back on it as it makes no sense. The UX hit you'll get from this will be unpleasant as users will be frustrated with the login friction of not being able to use browser autofill.
Kyle (Krileon) Community Builder Team Member Before posting on forums:
Read FAQ thoroughly
+
Read our Documentation
+
Search the forums CB links:
Documentation
-
Localization
-
CB Quickstart
-
CB Paid Subscriptions
-
Add-Ons
-
Forge
-- If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
-- If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please
send me a private message
with your thread and will reply when possible!
-- Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
-- My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
krileon
