Canonical SSO provider

  1. Bug #1775588
  2. Comment #3

Comment 3 for bug 1775588

Revision history for this message
Maximiliano Bertacchini (maxiberta) wrote : Re: bad bot error on autofilled password on chrome android

This seems to be an issue in Chrome's autofilling of a hidden honeypot field, and it's filed in https://bugs.chromium.org/p/chromium/issues/detail?id=851808 (it specifically mentions the Ubuntu SSO login), though it's not been triaged as of Jun 18 2018.

Summary:
The password manager sees an input field with name "openid.usernamesecret" and guesses this is the username field, so it fills it with the username. However, it's set to display:none, so the user cannot see this. They fill in the visible username field, click submit, and get the error.