password

Summary

The password type of the <input> element represents a one-line plain-text edit control for entering a password, which renders input text in such a way as to hide the characters (e.g., a series of asterisks).

Overview Table

Notes

Remarks

Security Warning:  Using this object incorrectly can compromise the security of your application. Passwords submitted through input type=password are not encrypted and therefore not secure. Using Secure Hypertext Transfer Protocol (HTTPS) is strongly recommended. You should also use the post method for submitting passwords. This submission method hides the password from most users by placing it in the HTTP header. The get method submits the password as part of the URL string, which might be exposed in the Address bar and the status bar. You should review the Security Considerations: Dynamic HTML before continuing. Note  Starting with Internet Explorer 10, password fields will automatically display a warning if the caps lock is on. To turn off the automatic caps lock warning, use the msCapsLockWarningOff property on the document object.

Standards information

• HTML5 A vocabulary and associated APIs for HTML and XHTML
• HTML 4.01 Specification, Section 17.4

HTML information

{

Related specifications

Compatibility

Desktop

Mobile

See also

Related pages (MSDN)

• input
• msCapsLockWarningOff
• Form controls part 1
• Form controls part 2: validation