- Open a new browser window and navigate to your bank’s website, say for instance, www.citicards.com
- As soon as the login form appears, you click your mouse into the username box and enter your username
- You hit tab, shudder at the fact that you have to hit tab again to get to the password box, but nonetheless, you hit tab again to put focus into the password box
- You type your cryptic, ultra-secure password that you never want anyone to see, maybe glancing down at the keyboard while you type it because it’s so hard to type the thing
- You look back at the screen before hitting enter, and you see the screen shot below
For this demonstration, I put in my User ID as “username” then hit tab twice and entered my password of “super secret.” As you can see, my super secret password isn’t much of a secret anymore.
How did this happen?
I see this crap all the time. I’m tired of it. If you’re the owner of a login form, or for that matter, any other form that automatically sets focus, please do some checks to make sure you’re not pissing your users off when you’re in fact trying to help them.