latest firefox auto-fills the display:none honeypot field

Bug #1474841 reported by Nick Moffitt
This bug affects 18 people
Affects: Canonical SSO provider
Status: Fix Released
Importance: Undecided
Assigned to: Unassigned
Milestone: (none listed)

Bug Description

Canonical IS have encountered an increasing number of people getting the "bad bot" error when trying to log in using Firefox on Ubuntu. It seems that the recent update introduced behaviour that will try to fill in the "hidden" (actually display: none, which is separate) form field with what we believe is an old password.

This is beginning to cripple people's access to online resources within the company.

The workaround has been to open a new "private" tab in Firefox and log in there. There do not seem to be any unified sets of plugins that could explain this, so it is likely to be a core feature of Firefox itself.

Nick Moffitt (nick-moffitt) wrote :

This appears not to happen with fresh environments, so we expect that this is a function of having a larger and older set of saved passwords for Firefox to draw from. The sensitivity of this PII makes it cumbersome to diagnose, but we can try to test hypotheses if we're careful in how we do it.

The field has name="openid.usernamepassword" so it's possible this could match some clumsy substring match or regular expression.

Changed in canonical-identity-provider:
status: New → Confirmed
Colin Watson (cjwatson) wrote :

https://askubuntu.com/questions/650544/login-launchpad-net-tells-me-bad-bot-go-away-request-aborted relates to this bug, and currently says "It appears to be the LastPass plugin, for reasons that are still mysterious".

Adam Baker (p-launchpad-baker-net-org-uk) wrote :

I saw the bug on the dialog that came up to tell me my password was too weak and I needed to select a stronger one. I was using noscript with scripts from launchpad.net allowed in Firefox 39.0. I was using the Firefox remember password feature but not LastPass or equivalent. The workaround of using a private browsing window worked for me with no change needed to NoScript settings.

Matt 6:27 (goffice) wrote :

Experiencing same issue on Ubuntu One/SSO. Private browsing did not work for me in either FF (ver 40.0.3) or Chromium (ver 44.0.2403.89 Ubuntu 14.04 (64-bit)). I cleaned password mgr in FF and still get log in error that email and/or password are incorrect. I can log in on Launchpad, but Ubuntu One throws error.

Damien Cassou (cassou) wrote :

I'm having the same problem with the http://www.passwordstore.org/ Firefox plugin. If I ask this plugin to stop automatic filling, Launchpad starts working fine again.

Peter Berry (pwberry) wrote :

This also seems to affect KeePass. Manually entering username and password is a workaround.

Peter Berry (pwberry) wrote :

Er, that's KeeFox, sorry (KeePass is the program it connects to).

Chan Ju Ping (rewarp) wrote :

KeePass/KeeFox user here. Manually entering passwords does not work for me on Firefox. I was forced to use Chrome to log in.

Adam Ryczkowski (adam-9) wrote :

@Chan Ju Ping
Logging in Firefox works, but you must first disable KeeFox (e.g. by removing the UbuntuOne entry or simply closing KeePass). And reload the page, obviously.

Tim Ramsey (tar-pobox) wrote :

KeePass / Kee user. This is the only site I've encountered that has this failure mode. If you aren't going to fix this, could you at least possibly update the "bad bot" message to include a link to explain what might be going on, and suggest possible workarounds?

Daniel Manrique (roadmr) wrote :

We changed the name of the honeypot field so overeager autofillers don't fill it. This bug points to a Chrome issue where they acknowledge they're doing the wrong thing but then say they won't fix it because sites are being "uncooperative". Regardless, we did change this for Chrome:

https://bugs.launchpad.net/canonical-identity-provider/+bug/1775588

A related issue affecting LastPass on iOS and Safari was also fixed:

https://bugs.launchpad.net/canonical-identity-provider/+bug/1784908

We tweaked the field name and position slightly to prevent overeager autofillers from filling it up.

Since Firefox with most password managers, Chrome and Safari on iOS are working well, I'll close this issue. @Tim Ramsey, if you can still see this with KeeFox, could you please file a new bug?

Changed in canonical-identity-provider:
status: Confirmed → Fix Released
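
Added example, not part of the original thread or of the Canonical SSO code: a small JavaScript lint that flags honeypot field names an autofiller could plausibly match by substring, as suspected above for name="openid.usernamepassword". The token list and the replacement name hp_field_a1 are assumptions for illustration; browsers and password managers use their own heuristics.

```javascript
// Added example: lint honeypot field names against tokens that autofill
// heuristics plausibly key on. The token list is an assumption made for
// illustration; it is not the matching logic of Firefox or of any extension.
const CREDENTIAL_TOKENS = [
  "username", "user", "login", "email", "password", "passwd", "pass", "pwd",
];

// Return the credential-like tokens found in a field name or id, using the
// kind of case-insensitive substring match the thread suspects.
function credentialTokensIn(identifier) {
  const lowered = String(identifier || "").toLowerCase();
  const hits = CREDENTIAL_TOKENS.filter((tok) => lowered.includes(tok));
  // Drop tokens that are contained in a longer hit ("user" inside "username").
  return hits.filter(
    (tok) => !hits.some((other) => other !== tok && other.includes(tok))
  );
}

// Audit one honeypot field described as { name, id, type }.
function auditHoneypot(field) {
  const findings = [];
  for (const attr of ["name", "id"]) {
    const hits = credentialTokensIn(field[attr]);
    if (hits.length > 0) {
      findings.push(`${attr}="${field[attr]}" contains ${hits.join(", ")}`);
    }
  }
  if ((field.type || "text").toLowerCase() === "password") {
    findings.push('type="password" invites saved-password autofill');
  }
  return { safe: findings.length === 0, findings };
}

// Constructed inputs: the first name is the one quoted in this report,
// the second is a hypothetical neutral replacement.
const reported = auditHoneypot({ name: "openid.usernamepassword", type: "text" });
const renamed = auditHoneypot({ name: "hp_field_a1", type: "text" });
console.log(reported, renamed);
```

Running such a check in the form's test suite catches a honeypot rename that reintroduces a credential-like token before users with saved passwords hit the "bad bot" rejection.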
Eugene Crosser (crosser) wrote :

Happens now to me with Firefox 94.0 on impish, no external password managers, only Firefox's built-in password manager is used. Workaround was to remove remembered password for login.launchpad.net.

Colin Watson (cjwatson) wrote :

I filed https://bugzilla.mozilla.org/show_bug.cgi?id=1739992 for this latest recurrence. There are newer bug reports about this (e.g. https://bugs.launchpad.net/canonical-identity-provider/+bug/1950073), so it's probably better to leave this old bug alone.
