Comment 98 for bug 243037

There's another issue here. Some sites' passwords won't save even though there's
no autocomplete="off" in the code.

This is because they use JavaScript to generate a SHA-1 hash of the password
(with salt added) client-side and store that in a seperate form field prior to
submission. They also blank the real password field to prevent the cleartext
password being sent.

Because the password field is blanked and Password Manager must not check until
after onsubmit="" is called, Password Manager doesn't offer to remember the
password.

You can observe this at http://album.co.nz/ and also at banking site
http://www.kiwibank.co.nz/