As a JIRA System Administrator, I can instruct web browsers to not allow saving a user's password in the various login options, so that unauthorized users can not access the system.

XMLWordPrintable

      NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion.

      In some organisations, as part of a set of security requirements, it is required for compliant applications, to disallow users to store there application password in their browser.

      It would be perfect, if JIRA (and all other Atlassian applications) would allow to configure the autocomplete="off" attribute for username and password fields as well as turning of the "Remember me on this computer" function.

      Here is how it might get implemented:
      Add an boolean option called "Allow users to store there login and keeping logged in" in the Administration section under "General Configuration".
      If set to On, JIRA should behave as today (default).
      If set to Off, the login gadget as well as the dedicated login pages (including the Administrator login) should include the autocomplete="off" attribute for username and password fields. Additionally, the login gadget as well as the dedicated login page should not display the "Remember me on this computer" function.

              Assignee:
              Unassigned
              Reporter:
              Oliver Wahler
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: