bankofamerica.com login-in form keeps passcode field disabled

By design Issue #8489704

Details

Author
Richard S.
Created
Aug 15, 2016
Privacy
This issue is public.
Found in
  • Microsoft Edge
Found in build #
14.14393
Reports
Reported by 2 people

Sign in to watch or report this issue.

Steps to reproduce

Visit https://secure.bankofamerica.com/login/sign-in/signOnV2Screen.go when you have a username and password saved. There are two issues.

The username field is populated but the passcode field is not. This is issue #2.

The passcode field is disabled. The only way I found to enable it is to modify the username field. When I click on the username field there is a dropdown with the username saved in my password list. Selecting that isn’t sufficient. You must type characters in the username field.

Attachments

0 attachments

    Comments and activity

    • Microsoft Edge Team

      Changed Assigned To to “Ibrahim O.”

    • After a cursory glance at the code, it appears there are event listeners on the User ID field for keypress, keyup, and paste events. These events are used to conditionally remove the disabled attribute from the passcode field. This explains why the user must interact with the field to see the disabled attribute removed; interacting triggers one of the three aforementioned events.

    • Microsoft Edge Team

      Changed Title from “//secure.bankofamerica.com/login/sign-in/signOnV2Screen.go keeps passcode field disabled” to “bankofamerica.com login-in form keeps passcode field disabled”

    • If the password field were populated with the saved password, this would not be an issue. I don’t know if it fails to get populated because it is disabled. Coming at it from the other direction, maybe the autofill of the username field is not handled correctly. Maybe it should appear as a sequence of keypresses or a paste.

    • Thank you for your feedback. This is by design that site doesn’t allow the user interact with “Passcode” field unless the “Online ID” field input matches the criteria defined by the website. On the other hand for security reason seems like user has to enter passcode for each entry whether Online ID has been saved or not. Meaning, it is also by design by the website that doesn’t populate the passcode field. (Please let us know if you experience different behavior in different browsers) In addition, if you have saved your Online ID on the site, next time you visit the page, passcode field should be enabled and empty because your ID field is already defined. Before we close the bug, please also let us know if we are missing something in the repro steps.

      All the best,
      The MS Edge Team

    • Microsoft Edge Team

      Changed Assigned To from “Ibrahim O.” to “James M.”

      Changed Status to “By design”

    You need to sign in to your Microsoft account to add a comment.

    Sign in