Date Added: Oct 2011
One of the most popular aids adopted by users to reduce the pain suffered from the use of passwords is browsers' auto-complete feature. This feature, caching username and password after getting the user consent and using them later for automatic completion, is available in all modern browsers but communication with the user asking consent is implemented in different ways. In this paper, the authors report on user studies comparing active communication with a blocking dialog box and passive communication with a non-intrusive toolbar. They found that a dialog box misled users to save passwords in public computers. Conversely, no security problem was observed with passive communication.