I'm getting the regular home page now - I assume ?downtime was affixed to the URL by the submitter in order to post it, or is there supposed to be a downtime message?
Edit: Like I wrote, I'm having no problem accessing the site presently, but yesterday it was certainly hard.
SEEKING WORK - Remote preferred, based in Dublin,Ireland
Experienced full-stack web & mobile developer on a range of technologies and business sectors. Most recently proficient in .net mvc 4 & android 4.x, but also experience in the following (not exclusive):
A lot of bespoke (and so closed source) work, but some github code linked from my blog; e-mail me if interested for resume & work details.
http://www.brendanwhelan.net/contact
Why is it good practice to use it on login fields? That just means your users will use weaker (easier to remember) passwords on your site instead of using random, unique ones stored in a password manager.
I've noticed with Firefox (17 ESR) that, having once used Firebug to delete the 'autocomplete="no"' attribute on a password field and then submitted the form, it's not necessary to do so again; in whatever heuristic Firefox uses to determine how to behave in that case, the existence of auto-completion data for the field apparently overrides the advice given by the attribute. For those leery of adding still more extensions to a Firefox profile already well larded with them, this may be useful information.
An attacker that can make use of an auto-completing password field has got enough access to mean that the game is over anyway - they can get that password from a variety of other sources on the machine.
Turning off autocomplete on login fields doesn't make that form more secure, and it does annoy users.
As kalleboo says, it probably reduces security as your users change to easy to type passwords, or keep needing password resets.
Sorry, there's a bit of misunderstanding here; I should have made it clearer. Password type fields shouldn't autocomplete on browsers anyway. The "good practice" I meant is for devs to set autocomplete off for the username field - to prevent the login username or email address popping up (especially if the site is accessed on public or shared computers).
That's just infuriating. You're choosing to break functionality that I rely on to help me log in to your website, and there's absolutely no reason to do so.
> especially if the site is accessed on public or shared computers
People setting up those computers need to learn how to provide clean sessions for their users, rather than relying on every single website in the world doing weird things in forms.
Experienced (20 years) Full-stack web & mobile generalist developer & team leader on a range of technologies and business sectors.
Most recently proficient in .net mvc 4 & android 4.x, but also experience in the following (not exclusive):
Totally. Remote is the only work I'll ever do. I get more done, have great collaboration using the appropriate tools and don't have to be 'social' by being subjected to pong pong games. My work environment is perfect and therefore my work quality is among the best it has ever been. Losing the 2 hour daily commute in NYC was a huge boost to my productivity and energy.
