Why Won’t IE Remember My Login Info?


Over on the Microsoft Answers forum, some folks have reported that Internet Explorer doesn’t remember their login details. This is a tricky problem to troubleshoot because there are a number of different problems which get lumped together under this description, and there are a number of different causes for each problem.

Let’s break down the commonly reported problems into two cases:

  1. IE’s Web Forms Password Manager doesn’t work.
  2. Clicking “Remember me” on websites doesn’t work.

The following two sections will discuss each problem and possible causes and solutions.

Troubleshooting IE’s Forms Password Manager

Internet Explorer actually has two password managers: the WinINET-provided password manager that remembers HTTP-based authentication credentials entered in the authentication popup window:

 

…and a browser-specific password manager that remembers passwords typed into HTML forms. For the purposes of this post, we’re only going to be talking about the web forms password manager.

The Forms-Based Password Manager prompts you to save your password when it recognizes that you’ve filled in a login form. The prompt looks like this:

Autocomplete password prompt

…in IE6,7, and 8. In IE9+, it is replaced by a notification bar at the bottom of the screen that offers the same options:

If you do not see this prompt after submitting a HTML form with a password, there are several

Possible Problems:

  1. You have disabled AutoComplete in your browser by checking the “Don’t offer to remember any more passwords” box.
  2. The page has explicitly disabled AutoComplete by using the AUTOCOMPLETE=OFF attribute.
  3. The HTTPS-delivered page implicitly disabled AutoComplete by returning a HTTP directive forbidding caching. See below
  4. Internet Explorer didn’t recognize that the page had a login form.
  5. The login form was submitted using JavaScript.
  6. You previously said “No” when prompted to save your password for this username on this page.
  7. The Administrator disabled AutoComplete in your browser using Group Policy.
  8. The login form was created by JavaScript using the createElement API.
  9. You didn’t type any letters in the Username box (using drag/drop or copy/paste instead)

2013 Update: IE11 Shrinks this list significantly. See below.

You can resolve problem #1 in IE by clicking Tools > Internet Options > Content > Autocomplete > Settings and checking the User names and passwords on forms and Ask me before saving passwords checkboxes.

Issues #2 to #5 are under the control of the website, although most users won’t know that (I’ve mentioned this before). There is no way for the user to resolve these problems short of asking the website to update their page.

CORRECTION: Issue #3 is only a problem for AutoComplete of non-login forms. Here’s a test page showing that AutoComplete of username and password in login forms works properly even on no-cache HTTPS pages. 2013 Update: IE11 allows even non-logon-form Autocomplete on pages that use Cache-control: no-store.

Case #4 is an interesting one. One possibility is that IE doesn’t “see” the login form at all, for instance, because it was written using Adobe Flash, Silverlight, Java, etc). Another possibility is that IE doesn’t “recognize” the form as a login form, because it contains more inputs than expected. For instance, Facebook uses a fancy login form that shows the cue text “Password” in a INPUT TYPE=TEXT control (named “Password_Placeholder”) until the user puts their cursor in the box. When they do, Facebook uses CSS to hide the password_placeholder box and replaces it with a INPUT TYPE=PASSWORD box into which the user types their password. Unfortunately, while it’s hidden by CSS, the placeholder is still a part of the form, and hence it’s submitted with the form. Because of this extraneous INPUT TYPE=TEXT control, IE assumes that this isn’t a login form and does not offer to save the password. (Using Fiddler, I modified the Facebook homepage to change the placeholder control to INPUT TYPE=HIDDEN and confirmed that this fixed the problem). Update: Facebook fixed this problem in October 2009.

Case #5 is another interesting one. If you submit a form using the JavaScript submit() method, AutoComplete will not offer to save the password. I’ve built a simple test page which demonstrates this. If you use the standard INPUT TYPE=SUBMIT button, you’ll be prompted to save your password. If you use the button which calls the .submit() method, no prompt is shown. To workaround this issue, web developers can call the AutoCompleteSaveForm method.

Case #6 is a tough one. If you previously elected not to save your password for this username for this page , then that “Don’t Store” preference is retained and you will not be prompted to save the password for this username in the future either. There’s no “good” workaround for this. Update: There is now a better workaround; see https://blogs.msdn.com/b/ieinternals/archive/2010/04/09/restoring-the-internet-explorer-password-autocomplete-prompt.aspx

You can delete ALL of your passwords using the Tools > Delete Browsing History option, and this will reset all password decisions back to prompt– but doing this will wipe all of your passwords for all sites. If you’re a technical user, there’s a geeky way to get the prompt back for a specific page:

  • Get RegMon or ProcMon from SysInternals
  • Set a filter to watch the registry key containing the word “Storage2” without quotes.
  • Visit the page for which autocomplete information should be stored.
  • Watch which subkey within the Storage2 key is opened. 
  • Delete (or rename) that key to remove any stored passwords or “don’t store” decisions. 

Case #7 occurs when your Administrator uses Group Policy to disable the AutoComplete feature. To see the Group Policy settings, click on Start and type gpedit.msc to launch the Group Policy viewer. Browse through to User Configuration, Administrative Templates, Windows Components, Internet Explorer. Check the policies for “Disable Autocomplete for Forms” and “Turn on the auto-complete feature for user names and passwords on forms.” Alternatively, close IE, start Process Monitor, and filter for registry reads of keys containing the word FormSuggest.

Case #8 is something I didn’t learn about until July of 2011. It turns out that most browsers (IE9, Firefox 5.01, Chrome 13) don’t work properly when a login form is created dynamically using the createElement API. Here’s a test page. Only Opera works properly with this test page. For what it’s worth, if the test page injects a script-created form by injecting markup using innerHTML, it appears to work correctly in IE.

Case #9 is something I didn’t learn about until June of 2012. If you copy/paste or drag/drop the text into the username box without ever typing any letters (even if you deleted them later), then you will not be prompted to save the password.

Note: If you see the prompt in IE9+ but it immediately disappears the problem is likely that your login page immediately navigated to a page on a different domain. Many of IE9+’s notification bars, including this one, go away automatically when navigating to a different domain.


If, on the other hand, you do see the Save Password prompt, but the password doesn’t seem to autofill, there are several possibilities:

  1. The website’s login page uses paths that contain unique or changing tokens
  2. The website’s login page deliberately randomizes the name of the form fields
  3. Your stored passwords are being cleared between visits

The Forms password manager is designed to recognize when you’re revisiting a login form for which you’ve previously stored a password. When you enter a username for which you’ve stored a password, the password should automatically be filled in the appropriate box.

A key point here is that IE must recognize that this is a form for which you’ve stored a password. IE’s password manager takes into account the URL (specifically the hostname + folder path + filename, not including the query string or fragment) and the name of the form fields. If the website changes these values (for instance, it stores a session identifier as a “virtual” folder in the URL), then IE will not recognize a revisit the login form and will not fill the password. Similarly, if the website changes the names of the HTML input controls, IE will not fill the password. I have encountered several sites which suffer from one or both of these problems.

Lastly, it’s possible that your stored passwords are simply being deleted. IE includes a number of features that allow you to delete your browsing history, including your stored passwords. Make sure that you have the checkbox Delete browsing history on exit checkbox unchecked inside Tools > Internet Options > General . Also, if you use the Delete Browser History command, you should uncheck the Passwords checkbox or you will lose your stored passwords. Notably, the Preserve Favorites Website Data checkbox at the top of this screen will not preserve your form data, including passwords. (Interestingly, it’s impossible for the feature to keep form data. Only URL hashes are stored in the registry, so the feature cannot determine whether a piece of stored form data belongs to one of your favorite sites).

Internet Explorer 11 Update

The IE team made significant investments in fixing password autocompletion for IE11. Of the list of “possible problems” above, IE11 resolves #2, #5, #8, and #9 as well as most cases of #4. IE’s Password Manager now supports autocompletion for the majority of logon forms.

You might wonder: “Why does IE11 ignore the AUTOCOMPLETE attribute on login forms while continuing to respect the attribute on all other AutoComplete input elements (e.g. address, credit cards, phone #, etc)?”

The answer is that Password Managers improve real-world security, and the IE team felt it was important to put users in control. Users rely on their password manager to permit them to comfortably use strong passwords. Password managers encourage strong, unique password creation per site, but unique, strong passwords are often difficult to remember and type on touch devices. If the browser doesn’t offer to autocomplete a password, the user assumes that the browser is broken. The user will then either use another browser that ignores the attribute, or install a password manager plugin that ignores it. I’m an example of this myself– until IE11, I used a weak password on the site that publishes my book because I couldn’t convince them to remove the AUTOCOMPLETE attribute from their login form. Now, with IE11, that worry is gone and I can use a strong password on that site without a major hassle.

Troubleshooting Login Cookies

Other users have encountered problems where a website offers a “Remember me” checkbox but that checkbox doesn’t seem to work. There are a number of possible reasons for this:

  1. You checked “Remember me” while in IE’s InPrivate browsing mode
  2. Your cookie settings restrict the server’s ability to set persistent cookies
  3. Your browser zones configuration is incompatible
  4. Your browser isn’t patched
  5. The website’s security policy requires an occasional login
  6. The website’s cookies are being cleared

Problem #1 is simple enough– “Remember me” features typically require the server to set a persistent HTTP cookie to store your authentication information. When you are browsing in IE8’s InPrivate Browsing mode, all persistent cookies are automatically downgraded to session cookies that expire on browser exit. Also, when the browser starts an InPrivate Browsing session, the cookie jar starts out empty for that session. So, you should not expect “Remember me” to work if you either are in an InPrivate session, or checked the box in such a session.

Problem #2 occurs if you’ve adjusted your cookie settings inside Tools / Internet Options / Privacy. If you’ve changed these settings from the defaults (or if the site is constructed in an unconventional way) the site may not be permitted to save persistent cookies at all. When this is the case, the site will not be able to set persistent cookies and hence the “Remember me” feature will not work.

Problem #3 occurs on Windows Vista and above, when you have configured one subdomain to run outside of Protected Mode (e.g. put it in the Trusted Zone) and another related subdomain to run inside of Protected Mode (e.g. left it in the Internet Zone). This isn’t terribly common, but might occur if you, for instance, put login.live.com in the Trusted Zone but didn’t put mail.live.com in the Trusted Zone. The root cause of this obscure problem is that Protected Mode and non-Protected Mode do not share cookies, and hence a cookie set by a site outside of Protected Mode will not be visible to a site running inside Protected Mode, and vice versa.

In some cases, this can lead to even worse problems. For instance, consider the case where you put www.google.com in the Trusted Zone and visit www.gmail.com . If you then try to log into GMail, you will be redirected endlessly, as the login host redirects you to the application host (since the login page has the cookie and believes you’re logged in), and the application bounces you back to the login page (because the application doesn’t see your login cookie). Servers can prevent such loops by passing querystring parameters when redirecting so the destination knows not to immediately redirect back in a loop.

Update: I wrote a longer post about problem #3 here.

Problem #4 relates to obscure cookie-related issues in IE7 which were fixed in subsequent patches. Ensure you have the latest updates for your browser using WindowsUpdate.

Problem #5 is that some sites (particularly secure sites) will require that you periodically (e.g. every week or month) re login  to help limit the risk of misuse of your credentials. Sometimes, sites will track which IP address you use to log in, and if your IP address changes (e.g. you move from one network to another with your laptop) your cached login cookies will be considered invalid.

These cases are tricky to troubleshoot because there’s no indication to the client (unless the server explicitly provides an indication) that you sent a legitimate stored cookie but security policy requires periodic re-login. You can usually only determine that this is the problem by using a network monitor (like Fiddler ). Unfortunately, even that form of troubleshooting is difficult because unless you happened to have Fiddler running at the time of the prompt, it’s usually too late (because the login form will often itself wipe your “outdated” cookie).

Problem #6 is the most common problem—the website’s cookies are simply being cleared. As noted above, there are a number of ways that this can happen: you may have IE configured to delete cookies on exit (see the checkbox Delete browsing history on exit checkbox unchecked inside Tools > Internet Options > General) . Or, perhaps you’ve deleted browser history manually using the Delete Browser History command. It’s also possible that your cookies are being cleared by another piece of software, for instance, security or privacy utilities.

Reporting Problems

If you find yourself encountering a problem with stored passwords, gathering the following information will help troubleshooters:

  1. What is the URL of the login page?
  2. Is the problem that you don’t see the “Save password” prompt?
  3. Or, is the problem that you do see the “Save password” prompt but it doesn’t seem to work?
  4. Or, is the problem that a “Remember me” box in the web page doesn’t seem to work?
  5. Have you added any sites to the Trusted Zone?
  6. Inside the Tools > Internet Options > Privacy screen, is the Default button disabled? If you click the Sites button, is the sites list empty?
  7. What addons are listed inside Tools > Manage Add-ons ? Do you have the “Windows Live Sign-in Helper” installed, for instance?
  8. Are you running any 3rd-party security or privacy utility software?
  9. If the problem is a “forgotten” login stored using “Remember me”—when did you last log into the website? Was that login from the same computer, in the same location?

While troubleshooting login problems can be quite tricky, in most cases problems are resolved by relatively simple configuration changes.

Until next time,

Eric Lawrence

Comments (102)

  1. Nice write up Eric.  It’s very helpful.  I notice you don’t talk specifically about Facebook.  I can load up Fiddler to check, but does Facebook explicitly turn off AutoComplete?

  2. Installed Fiddler, and Facebook comes back with:

    HTTP/1.1 200 OK

    […]

    Cache-Control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0

    Pragma: no-cache

    So is that end of story as far as IE is concerned?  Any way to override this?

  3. Matt Sharpe says:

    Interesting post. I have always found Firefox’s password remembering feature to be more reliable than IE’s. It just seems to be there more often. It is also beneficial to have a prompt that stays while the next page loads, so you can click "remember" once you actually know you typed the correct password 🙂

  4. frymaster says:

    @Charles Oppermann:

    That’s the end of the story in terms of IE remembering your password.  You _can_ tell facebook to keep you logged in via cookies, and that works.  not sure of the additional security concerns that raises (in terms of people at the computer, none, because either way they can get to your facebook account just by going to facebook.com.  In terms of what automated tools can do, no idea)

  5. @Charles: The lack of prompt on Facebook is actually not related to caching headers. It’s an interesting case related to their fancy "cue text" edit boxes.

    I’ve updated the text of "Case #4" in the blog post above to explain what’s going on. I’ve also added "Case #5" to add one more scenario which causes this problem.

    @Matt Sharpe: In most ways, Firefox’s password manager is superior to IE’s. I believe they’ve had a number of security problems with their mechanism (which they’ve patched over the years) but it definitely provides a more consistent and understandable user-experience.

  6. Robear Dyer, MS MVP says:

    "Over on the Microsoft Answers forum, some folks have reported that Internet Explorer doesn’t remember their login details…"

    Ditto in IE General newsgroup. Don’t forget about those users, please. <wink>

  7. Prabhat says:

    Great post!!

    My IE8 does not prompt to save password. The site I am talking about need loginID in a email format.

    Anyways I still have this problem. Lets say my problem belongs to #2-#4. Then how come Safari and Firefox are able to remember the password?

    Thanks

  8. @Prabhat: I don’t know that either Firefox or Safari respects the autocomplete attribute for password management, so problems #2 and #3 may not apply there.

    What URLs do you see this problem on?

  9. Dennis F says:

    Great post.  But there are still other cases:

    IE8 was providing my email in the list of emails to login but it had associated the wrong password.

    So, I highlighted my email and hit delete when the pulldown was shown.

    Now, I can’t get IE to remember my email anymore!!

    Do you know of anyway to get IE to re-enable my email for that website?

  10. EricLaw [MSFT] says:

    @Dennis: Deleting a stored username from the dropdown will result in the prompt: "Windows has a password stored for this user name. Do you want to delete the user name and password? [Yes] [No]"

    If you choose Yes, you can subsequently enter a new user name and password. After doing so, you will be asked whether you would like IE to Remember this Password (unless such prompting is disabled, as described previously).

  11. dan bekker says:

    whats does this mean?

    the entry in temporary internet files forgets where it pointing.

    [Window Title]

    C:UsersdannyAppDataRoamingMicrosoftWindowsCookiesdanny@facebook[1].txt

    [Content]

    Windows cannot find ‘C:UsersdannyAppDataRoamingMicrosoftWindowsCookiesdanny@facebook[1].txt’. Make sure you typed the name correctly, and then try again.

    [OK]

  12. dan bekker says:

    and now it remembers again although i had not been to face book.

    it does this often where it cant find its target. sometime the target has a [2] on it.

    i find that the forgetting of my creds sometimes takes weeks. sometimes it forgets if i open up ie with in private turned on even if i dont go to face book.

  13. dan bekker says:

    and now it has forgotten my password. heres the thing i didnt do much of anything. i had the browser open the whole time.

    it was remembering the password. and then it forgot.

  14. dan bekker says:

    and now it remembers my password again.

    it seemed to remember after i made a comment.

    i have two face book cookies. temp internet points to the oldest cookie currently.

  15. Jimmy says:

    What is the URL of the login page?

    – facebook.com, twitter.com, excite.com, live.com, basically any site with a login

    Is the problem that you don’t see the “Save password” prompt? Or, is the problem that you do see the “Save password” prompt but it doesn’t seem to work?

    – no, i have this feature disabled by choice

    Or, is the problem that a “Remember me” box in the web page doesn’t seem to work?

    – yes, the sites will remember login info via cookie for a period that ranges from a few days to under 12 hours.

    Have you added any sites to the Trusted Zone?

    – no, I have never done this with previous instances of IE.

    What addons are listed inside Tools > Manage Add-ons? Do you have the “Windows Live Sign-in Helper” installed, for instance?

    – Yes, have the sign-in helper, plus others like silverlight and flash, reader, etc.

    Are you running any 3rd-party security or privacy utility software?

    – Avast anti-virus

    If the problem is a “forgotten” login stored using “Remember me”—when did you last log into the website? Was that login from the same computer, in the same location?

    – Earlier today. Yes, same PC.

    Additional info: This problem only started occuring after switching from Vista to Win7. I used IE8 on Vista and never had this issue. Since going to Win7, it occurs several times a week.

  16. português suave says:

    It seems that I can not autofill while I access Myspace. It happens that the message promp works with other websites, but it won’t on Myspace. I’d like to hear it from you.

  17. Tobe says:

    I have also been fighting this issue since upgrading to IE8 (am running XP). This seems to only be an issue for me on 3 or 4 specific forums, other forums the login is remembered.

    Sometimes the login will be remembered until the next day, other times only for a few minutes, other times for a couple hours.

    This was never a problem until I upgraded from IE6 to IE8. My logins would be remembered for weeks or months.

    So I uninstalled IE8, which reverted me back to IE6. I no longer have the login issues, all of my forum logims are remembered like they should.

    This is driving me crazy, as I really like the new features of IE8 but, unfortunately cannot go back to IE8 until a solution is found.

  18. Dave Smith says:

    Ok The only thing I haven’t seen addresed here is how to get the inputbox for autocomplete to come back on. In my case I told it to stop asking me and I’ve done everything that all the sites tell you to do and it still doesn’t work. How about telling us how to fix it so it works again. I’m using Vista and IE8.

  19. Dave Smith says:

    The only other things left that I haven’t done is reset IE8 settings and "from the add/remove programs in control panel" to repair IE8. Would that fix it?

  20. Tobe says:

    WHY do my posts keep disappearing here????

  21. Rich says:

    It appears to me that all of a sudden the Log In details for websites I belong to, just disappear. Earlier I visited a number of websites; all remembered me as I had previously ticked the box to remember me. I was downloading a program file from one site then opened another tab to revisit a previous site which then told me I wasn’t logged in! My Rapidshare details (Cookie) had disappeared so I had to re-log in there and after the program file had downloaded, the site I was originally logged in to, suddenly didn’t recognise me anymore. It appears to me that something is happening to the cookies store. I am using Vista and never had problems with IE7. Hope this helps!

  22. Rob Broekhuis says:

    But what if the problem IS with HTTP authentication credentials being lost? This started happening suddenly in the past few days, and is infuriating! I can’t find anything on this topic – any pointers?

  23. ieblog says:

    @Rob: Can you provide any additional details? What sites are you having problems with? What auth protocols are being used? Is the machine in question on a domain?

  24. gizmo says:

    I have the same problem on some websides that the IE is not saving my passwords… I checked Eric´s solutions but they dont work for me.. still the problem that my password not being saved. I DONT had that problem under Vista and IE8!!!

    Since i have Windows7 64bit Version i have this problem……

  25. Rob Broekhuis says:

    All sites that require http authentication are affected, including several sections of my own websites, as well as subdomains with authentication on external websites. IE seems to remember them for a while, then loses its memory. Nothing fancy – just standard http authentication, set up through htaccess. On my PC end, I’m using IE8 with Vista (no recent changes there, besides the automated updates that come through routinely); I’m on a home network, connected through a router to a cable modem. I do have a different PC that is connected to the router configured as a web server, but I don’t think that’s related to this problem.

  26. EricLaw [MSFT] says:

    @Dave: To get the prompt to come back on, click Tools / Internet Options / Content / AutoComplete Settings, and tick the "usernames and passwords" and "Ask me before saving passwords" boxes.

  27. Kain says:

    Very detailed answer, but the issue happens to ALL the sites I visit with logins, including Hotmail.  Now why would Hotmail run in a manner that isn’t completely compatible with IE8?

  28. Michael says:

    I am using Vista Home Premium and Internet Explorer 8.  The browser remembers any and all Form-Based passwords, BUT does not allow me to add any new passwords in pop-up dialogue boxes, (such as those used in cPanel, or FrontPage)

    It has stored the old exisitng passwords, thankfully, BUT it is not allowing me to save any new ones.  Being a web developer this is a real pain.

    I have reset IE 8, I have read a ton of posts, and still have not found an answer to this dilema.

    How can I fix IE8 to remember new passwords?

    *(notice I did not ask your opinion of Firefox or any other browser!)

    Thank you.

  29. @Michael: What does "it is not allowing me to save any new ones" mean specifically?  Do you see the checkbox on the password dialog?

    Was this machine ever part of a domain network? (Group Policy can be set to forbid saving of HTTP authentication credentials)

  30. Michael says:

    To: EricLaw

    Yes I see the checkbox on the password dialog.

    No This machine was not part of a domain network.

    I have several sites that I log into that use cPanel – which employs a dialogue pop-up box, and asks to remember your username and password.

    The browser was working, and was saving passwords, and then ceased to allow me to add new ones, meaning, as I get new sites that use cPanel, or even FrontPage clients for that matter, I can not store the new username and password.

    To be precise, the cPanel passwords in question are all on one hosting company… the browser has stored and retained several of them – in fact I can even chage the data on old sites.  That is to say I can change a sites username and password, and it will remember it.  But if it is to a new site – one I have not yet worked on – even though it is one the same server – it will not retain the username and password.

    Hope this helps.

    Thank You

  31. ieblog says:

    @Michael: If you go into the System Control Panel and open the Credential Manager (inside the Accounts group) do you see your stored credentials persisted there?

  32. Michael says:

    Yes I do see them in there.

    It would appear that some of them are not storing, and I am at a loss as to where to change the ability to do so.

    I was able to manually edit one, and it seems to have worked.

    Is there a way to change the setting?

  33. Michael says:

    UPDATE:

    After making an edit to one password manually, I have since been able to save another password through the website….

    Will continue to test other sites.

    Thanks

  34. tunghoy says:

    @Eric Lawrence: THANK YOU. I had my SharePoint’s site set to low security, but hadn’t added the URL to the Sites list. Yeah, that was really obvious.

  35. j roberts says:

    log in info was very interesting and i hope helpful. thank you.

  36. Con says:

    I have had this problem as well; very frustrating.  I have discovered however that autocomplete works like a champ if you install windows live toolbar version 03.01.0000.0130.  I don’t know if it’s a coincidence or not, but it does seem to work for me.  

  37. Dave says:

    I have a login for a website. The remember me box is pre-checked and the login works and the cookies are in the temp file. Try it!

    user  php

    ps    coders

    then in the close without login out. Close IE and one should be able to have the login there, but it is not.  

    http://www.glsbrakes.com/GLS_Login/check_cookie.php is  a script to doulbe check for cookies.

    Why is this now happening.  Worked before.

  38. EricLaw [MSFT] says:

    @Dave: Your page works fine; I login, close the browser, open the browser again, and the cookie stored previously is re-sent properly.

  39. Dave says:

    I tested a seperate login with another login I have built and that one works.  Why is it just my domain?  Could it be the SSL? Registry?

    or should I delete IE8 and retry or go back to IE7

    dave

  40. EricLaw [MSFT] says:

    @Dave: Have you looked at your traffic using Fiddler to see the cookie being set and/or sent?

  41. Dave says:

    No I just have http://www.glsbrakes.com/GLS_Login/check_cookie.php

    to check for cookies after I login and close IE without Logging out.  I feel like it is a blip in IE and what is this counter/ in the temp folder.  Does that have anything to do with cookies?

    Dave

  42. @Dave: Don’t try to debug cookie issues by looking at the files on the local filesystem. They don’t work the way you would expect them too. You should watch your network traffic to see exactly what is being sent.

  43. Dave says:

    Interesting, I did download fiddler2, ran my page. I did recieve an error #70 once and #90 once. and for now my login is working on this computer.  Why? I have not clue..

    Dave

  44. Dave says:

    Is this common?  I would like to know what it was I or Fiddler2 did to repair my issue.

    Dave

  45. Tricia says:

    none of this helped me.. but I should be used to that by now

  46. Mark says:

    I have similar issues with IE 8.  I can get into this site occasionally but the majority of the time I am continually prompted on my machine to login via IE8.  I’ve tested from other machines with IE8 and had no issues.

    I’ve also added this site to the credentials manger area.  It worked for a day with out issue then went back to continually prompting for credentials.  It’s like something is cached because the login box immediately pops up after I try to authenticate.

  47. ieblog says:

    Mark, the site you link to is using HTTP authentication, which is not really covered in this post, and has nothing to do with Cookies or Autocomplete.

    You’ll need to watch your traffic with a network debugger like Fiddler to see if your credentials are tried and rejected, or if something else is happening.

  48. I resolved in my case, this issue with lot of research. Hope it may be useful someone.

    Just I did like this in addition to Auto Complete…

    Internet Options — security tab — Internet–Custom level — scroll all the way down to …User Authentication – Logon – Check Automatic logon with current user name and password

  49. Thomas says:

    Is this not anything to do in contrall pannle?

    Thomas

  50. jeff b says:

    help! when i try and login to a forum i belong to,my login info seems to login but the forum goes into a private mode that prevents me from viewing anything. i can view everything with firefox but it goes private in ie7 and ie8. ive tried different settings for everything with no luck.the strange thing is ive tried using a seperate pc from a different location that uses ie8 and it logs in fine. i keep telling these people that something is wrong with their forum that is messing up my ip address when it trys to login. this sucks

  51. bobW says:

    Never even thought about clearing history as reason for username not being remembered. I did not have this problem w/IE7.

  52. Peter K says:

    Cannot store my password to access my webmail in godaddy.com – https://email.secureserver.net/login.php

    Windows 7 using IE8

    Peter

  53. Amazing says:

    Thanks for deleting a genuine post

  54. ChrisW says:

    I am running IE8 with Windows 7 Home Premium and Norton Internet Security 2009.  I can check the User names and passwords on forms and Ask me before saving passwords checkboxes, and it’ll stay that way until I shut my computer down.  When I start my computer back up those boxes will be unchecked, why does it keep doing that?

  55. Snoopy says:

    -What is the URL of the login page?

    myspace.com

    -Is the problem that you don’t see the “Save password” prompt?

    yes, and settings are checked properly.

    -Or, is the problem that you do see the “Save password” prompt but it doesn’t seem to work?

    no, it doesnt show anymore.

    -Or, is the problem that a “Remember me” box in the web page doesn’t seem to work?

    i dont use that option, where i have other family members using myspace as well.

    -Have you added any sites to the Trusted Zone?

    Inside the Tools > Internet Options > Privacy screen, is the Default button disabled? If you click the Sites button, is the sites list empty?

    empty.

    -What addons are listed inside Tools > Manage Add-ons? Do you have the “Windows Live Sign-in Helper” installed, for instance?

    i do not have that addon, should i get it?

    -Are you running any 3rd-party security or privacy utility software?

    kasperski internet security 8.0.0.506

    —————-

    ive read many threads on this issue, and still cannot resolve. ive seen other people with the same dilema, most of which eventually just stop asking.

    my problem is, when i first built my pc, it would promt me to save a password the first time it was used, or if it was different than the one stored. at one point if i double clicked on the username feild, it would bring up a long list of all the logins that had ever been used, and when you clicked on one it would bring up the correct password (if saved). this is how i would like it.

    few months ago they had all cleared. now if i click the user feild, it doesnt bring up anything. and it will not ask me to save any new usernames or passwords. and yes, the correct boxes are checked in the autocomplete settings. which i think should do as its told, but doesnt.

    i believe that once you hit "dont offer to remember anymore passwords" it doesnt. the trouble is i would like that to come back on, or start over.

    about the only thing i havnt tried is uninstalling ie and reinstalling fresh. which i dont imagine would make much difference, whereas these autocomplete settings are most likely saved elsewhere.

    please help..

  56. Snoopy says:

    1 more thing i wanted to mention..

    the Forms-Based Password Manager DOES pop up on some other sites, it worked on the test page you created.

  57. Dan says:

    Eric, I have a question about #3, the HTTPS-delivered page implicitly disabled autocomplete by returning a HTTP directive forbidding caching.

    That describes my situation. However, I have a requirement that autocomplete remains working. Is my solution to go to FireFox or is there a workaround for IE? Thanks in advance.

  58. EricLaw [MSFT] says:

    @Dan: Sorry, IE 6,7, and 8 don’t offer an option to allow the autocomplete feature to be used when a HTTPS-delivered page was delivered with a "no-cache" directive.

  59. Jimmy says:

    I think I’ve figured out what is triggering my IE8 to lose all of it’s cookie/login information. Whenever my system freezes (which seems to happen sporadically on my Win7 x64 machine), and I have to do a manually reboot by holding power to power it off, then turnign back on. When it comes back up the browser has forgotten all cookies, history and saved passwords. I don’t know what is causing it to freeze and lock up, but I do know that when it comes back, my IE 8 has lost it’s memory.

  60. Dan says:

    Eric, thank you for replying. Our goal with using the "no-cache" directive was to prevent forms from being submitted more than once. The unexpected consequence was that autocomplete stopped working. We discovered that changing to Response.CacheControl = "must-revalidate, private" allows us to use autocomplete once again and prevents forms from being submitted more than once. Are there any gotchas we should be aware of when using "must-revalidate, private"?

  61. Shawn Flecken says:

    But what about this problem:

    I go to a website and enter my username and password — no offer to remember the info.  BUT, if I enter a different (incorrect) username and password, it DOES offer to remember.

    I must have clicked "no" the first time I entered my username on the site.  And now there doesn’t seem to be any way to make IE8 ask me again so I can say "yes."  Even deleting all the history doesn’t reset this.

  62. EricLaw [MSFT] says:

    @Shawn: Deleting "History" alone won’t help– you must specifically check the "Passwords" box.

  63. Lumpy says:

    I have a website I use with many multiple logins. I have a different login for each client. Unfortunately, when logging in as one of my clients, I accidentally clicked the "No" option when prompted to remember the password. Now I cannot change it so that that client’s login autocompletes the password. All the other clients’s logins will autocomplete, and a new client’s login will be prompted for rememberance, but not for the one which I clicked "No".

    There are suggestions on the web to backup the Storage2 key in the registry, but this doesn’t work, because each data item represents a single website. And so wiping out this one website will wipe over a dozen passwords.

    Suggestions?

  64. Shayna Linn says:

    Hi Thanks sooooo much for posting this. It helped me alot. Unlike some other pages. Thanks I have fixed the problem. Thanks again.

  65. Someone asked what happens when the user later changes their password for a given website.

    When this happens, a dialog is shown asking if the user wants to update their stored password. However, this dialog is shown only if the user types a new password in over a previously-autocompleted password.

    If the user had previously elected not to save their old password for this username for this page, then that “Don’t Store” preference is retained and they will not be prompted to save the new password for this username in the future either.  (If you think about it, that sorta makes sense, because the browser didn’t store the old password, and thus has no way to know if what the user typed represents a “new” password).

    The user’s passwords or “don’t store” decisions are stored inside the registry key “HKCUSoftwareMicrosoftInternet ExplorerIntelliFormsStorage2”.  Unfortunately, you’ll find that you cannot easily find the URL for your site in this list—while the URL is used as the key name, like the password list, it is stored in a per-user encrypted format. While there are tools that would allow the current user to decrypt this information, those tools are not produced or recommended by Microsoft.

  66. @Lumpy: Since you’re clearly a pretty technical user, here’s what you do:

    1> Get RegMon or ProcMon from SysInternals. Set a filter to watch the registry key containing the word "Storage2" without quotes.

    2> Visit the page for which autocomplete information should be stored. Watch which subkey within the Storage2 key is opened.

    3> Delete (or rename) that key to remove any stored passwords or "don’t store" decisions.

  67. Sriranga says:

    When you install Mozilla, during the first run configuration it asks it I want to import favorties and *password* from IE. I haven’t seen it work, but want to know if ther are able to do it!

    I see that the registry location where the password is stored is encrypted..

  68. EricLaw [MSFT] says:

    @Sriranga: No, Mozilla cannot import Forms Autocomplete passwords from IE7 and later. As I mentioned, doing so is not possible due to the hashing.

  69. Debbie says:

    Thanks Eric, This problem was driving me crazy, and the answer was as simple as unchecking "Delete Browser History on Exit" in Tools > Internet Options > General.

    This post is the first place I looked that even suggested this as something to check!

  70. hunter says:

    ok i didnt quite understand the  website info….could u email me at georgiadawgsrule7@yahoo.com??? any website i go to never remembers me like facebook…and i get on often so its not the logging in often part…and its not just facebook…myspace…espn…and others

  71. l2k man says:

    I don’t understand why IE will not remember login. I can login to laser2000.org.uk using Firefox or Safari. Close the app, and come back later, open the app and I am still logged in. If I try the same with IE I am not logged in. Delete Browser History is unchecked. What parameter isn’t set right, or is it a glitch in IE. I know others who have the same problem.

  72. KB says:

    I have a customer that logs into postini. which has the option to remeber the password. It will remeber it for a little while (2-3 Days) and then it will lose the setting. I have several other computers that are remembering it fine. It is just her’s that looses the settings. It only started doing this recently, it worked perfectly before.

    Any assistance with this would be great.

    Please and Thank You.

  73. Mark says:

    Is this simply a 32 bit versus a 64 bit problem?

  74. @Mark: I’m not sure what you’re asking.

  75. KB says:

    Mark:

    The customer has the 32 bit version, but I am only having it on her machine and not any other machine. I have XP, Vista, Win7 (32 and 64) and they all work fine except this one.

    Eric:

    I am asking if you know or have heard of this issue and if you have any ideas on how to get the the username and password to remain saved.

    Be Blessed,

    KB

  76. Castor Efrata-Landis says:

    THANK YOU SO MUCH!! The thoroughness of your answer to this question appears to have (so far, at least – and I suspect completely) fixed my problems in this.   Thanks, again!

  77. Mathan says:

    Hi Eric,

          Nice write up. Currently I'm facing different problem. "Remember me" working fine. But if i traverse to one page(This page has ajax call for every 30 seconds), all my cookies except session cookies get deleted. Its happening only in IE8. Its not get deleted in Firefox and IE6. Have you faced this problem?

    Note: I haven't shared my coding. because it is working in all the browsers except IE8.

  78. EricLaw [MSFT] says:

    @Mathan: Are you saying you lose *persistent* cookies when navigating to this page? And you lose persistent cookies for *all* sites, or only that one? Are you running the latest Windows Updates?  (Short answer is no: There's no known issue here. Is your URL public?)

  79. Mathan says:

    @EricLaw,

    Are you saying you lose *persistent* cookies when navigating to this page? YES

    And you lose persistent cookies for *all* sites, or only that one?  Only for my site. But its keeping my session cookies.

    Are you running the latest Windows Updates?  (Short answer is no: There's no known issue here. Is your URL public?) – Not sure. URL is private.

  80. Joe says:

    Is there any way to make IE remember a password when the form uses JavaScript .submit?  From your example "case #5" above.

  81. Jeff says:

    I have Windows XP, IE 8, and it won't remember ANY passwords.  There is no 'storage2' in the registry.  These sections all say yes under the 'main' folder in the registry:

    FormSuggest Passwords

    FormSuggest PW Ask

    Use FormSuggest

    I have all necessary boxes checked in the 'Content' tab, I have cleared all the stored information several times, even tried uninstalling and reinstalling IE8.  Still don't get asked to remember any passwords.  

    Is there any way to rebuild the registry for IE8 so it does remember passwords?

  82. Jeff says:

    Oh yeah, and IE6 remembers the passwords just fine when I had to uninstall IE8.  

  83. Jon says:

    I have IE8 (can't upgrade yet) and I have run the utility which tells me that my passwords ARE being stored. However, they are not autofilling the box… it's the weirdest thing. It's not a HTTPS, it's not any of the following:

    1.The website’s login page uses paths that contain unique or changing tokens

    2.The website's login page deliberately randomizes the name of the form fields

    3.Your stored passwords are being cleared between visits

    It works on my other computer, but for some reason it's not working here… I have reset the entire explorer, same problem… Any advice?

  84. EricLaw [MSFT] says:

    @Jon:  Which boxes are checked inside Tools > Internet Options > Content > AutoComplete Settings?

  85. Seth D says:

    The Remember Me issue has occured for me with Twitter for a separate reason. I have in my Twitter settings to enforce SSL (so http://twitter.com/ becomes https://twitter.com/), but the IE favorite I have for Twitter is the non-SSL site: http://twitter.com/

    Changing the URL in the Properties for the favorite to the https:// version made it so the Remember Me box would work.

  86. Michael says:

    Having just upgraded to IE9 at my workplace – are now running into this same problem – seemingly with all sites – not just a select few.

    http://www.debugtheweb.com/…/passwordautocomplete.asp – Test site never prompted to remember password.

    I have all of the boxes ticked (except for use windows search and feeds) in the Autocomplete Settings button.

  87. @Michael: My first suggestion would be to look into whether the "Don't allow saving passwords" Group Policy is set in your corporate environment.

  88. Michael says:

    @EricLaw

    No policy exists that modifies that setting.

    We have an existing policies that deals with proxy settings in IE – but that's the closest thing.

  89. @Michael: And if you watch for regkey reads from a path containing FormSuggest, what do you see?

  90. Michael says:

    @EricLaw

    I get the following:

    regedit.exe 5956 RegQueryValue HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl PanelFormSuggest SUCCESS Type: REG_DWORD, Length: 4, Data: 0

    and

    10:10:49.5951895 AM regedit.exe 5956 RegQueryValue HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl PanelFormSuggest Passwords SUCCESS Type: REG_DWORD, Length: 4, Data: 0

    Changing the value to 1 using regedit fixes the problem – I was prompted for a password on the test site and now the options under the autocomplete section are greyed out (but still ticked)

  91. @Michael: Thanks for the update! Did you change both policies to "1" or just the latter?

  92. Michael says:

    @EricLaw

    I changed both values to 1 – but found it also works just changed the "FormSuggest Passwords" value.

    Thanks for your help!

  93. dev@softmonauts.com says:

    Dear Eric,

    thanks for that helpful write up.

    What can I do from a developers point of view to face the "IE didn’t recognize that the page had a login form" problem?

    What is IE looking for to decide that this or that is a login form?

    We're using ASP.NET and the single form approach and IE doesnt't prompt to save the password.

    Best regards

    Jörg

  94. @softmonaut: Send me your URL by email. My assumption is that your form contains more than one username box and one password box.

  95. Kirk says:

    @EricLaw First off, thank you.  This was driving me nuts with a change to our site that I made.  I added a second text box to our login page a while back and all of a sudden IE9 wouldn't remember my password.  Now I understand why at least.

    I wanted the second text box so that user's can trigger an external search without logging in.  Do you know of any techniques/tricks I can use to still have that other unrelated (to logging in) text box and still get IE9 to recognize this as a log in form and remember the password?

    Thanks, Kirk

    [EricLaw: Do you have a URL I could see? Did you try putting the second textbox in a different webform?]

  96. Gordon says:

    Have not read the post but i found that when copy + pasting login and password data into the fields i was not prompted to remember the password. When i typed them both in i am prompted. ??!

  97. @Gorden: Issue #9 added. It doesn't matter what you do with the password, but you must either type one character in the username field, or use the TAB key to exit it.

  98. Jessica says:

    IE 10 has a new option when you right click you get "open in new tab" and sometimes this opens a new window which is when the session is lost. You can try right clicking and open in new tab around five to six times it will open in new browser window and then session is lost(i.e. you have to login again if u load the same web page). I need a confirmation that this is a browser issue.

    [EricLaw] The "Open in new tab" option was introduced in IE7, and there are no known-issues that cause the issue you describe. You may want to try disabling all browser add-ons. If you can still reproduce the problem, please email me (using the Contact link) information about the repro steps and, if possible, a Fiddler SAZ file.

  99. Aerono says:

    Hi Eric, first of all i love this post, helped me a lot to troubleshoot, but my problem still exists.

    I work in a Company where we work in a intranet site and one computer just does not want to save the passwords of a specific user.

    I checked all things on this page, group policys, cookies, trusted sites etc.. It's WinXP PC with IE8, i reinstalled java and IE itself, wont work.

    IE does not ask for me to save the password on EVERY site i logon, so gmx.net or live.com and on the intranet. But with an other User on the same PC it's working fine, can you imagine whats the problem? Regards Philipp – Aerono

    [EricLaw] For the affected user, what is seen inside Tools > Internet Options > Content Tab > AutoComplete Settings?

  100. Aerono says:

    @EricLaw: In the AutoComplete options we have the same options chosen like by my user.

    And the interesting thing is that when i uninstall IE8 and try it with IE6 it works ! and with Firefox it works also..

    It has to be a problem with the User->IE8 Settings but i checked all settings and deleted all coookies/cache.. do you have a Idea how i delete ALL SETTINGS after i uninstall IE8 to fully set it to standard ?

    [EricLaw] Firefox doesn't share or use IE's settings. You might try using Process Monitor to watch for any Access Denied errors when reading registry keys or the like, but unfortunately without access to the machine, I don't have any other ideas.

    THANK YOU VERY MUCH for the reply, your really a MVP 🙂