form_password()

function form_password(string $name, ?string $value = null, array $attributes = []): string

Description

Generates an HTML password input field (type="password"). Browsers mask the text typed into this input type with dots or asterisks, which hides the password from onlookers as it is entered.

Parameters

Parameter    Type         Description
$name        string       The name attribute for the password input element.
$value       string|null  (optional) The initial value for the password field. Typically empty for security.
$attributes  array        (optional) HTML attributes for the password input element. Defaults to an empty array ([]).

Return Value

Type    Description
string  An HTML password input element with type="password".

Example #1: Basic Password Input

Example #2: Password Input with Common Attributes

Example #3: Password Input with ID and Class

Example #4: Complete Login Form Example

  • Password fields automatically obscure entered characters for security.
  • Use minlength and maxlength attributes to enforce password length requirements.
  • For better UX, consider adding a "show password" toggle using JavaScript (not included in Trongate).
  • Use autocomplete="current-password" for login forms and autocomplete="new-password" for registration forms.
  • Password values in forms are not pre-populated for security reasons - the $value parameter is rarely used.
  • Always validate password strength server-side in addition to client-side length checks.
  • Never store plain text passwords - always use PHP's password_hash() and password_verify() functions.

Common Issues

When working with password inputs:

  • Browsers may offer to save passwords - this can be disabled with autocomplete="off" but is not recommended for login forms.
  • Password fields don't show the actual characters typed, making typos harder to catch.
  • Always pair password inputs with a confirmation field for user registration forms.
  • Some password managers may have difficulty with custom JavaScript password toggles.
  • Remember that client-side validation (minlength, pattern) can be bypassed - always validate server-side.
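
The server-side half of the notes above (validate on the server, store only a hash), as an added example that is not Trongate's own code. The password and password_confirm field names, the length policy and the sample input are assumptions.

```php
<?php
// Added example, not Trongate code. The field names, length policy and
// sample input are assumptions made for illustration.
const PASSWORD_MIN_LENGTH = 12; // assumed policy; mirror it in minlength
const PASSWORD_MAX_LENGTH = 72; // bcrypt (today's PASSWORD_DEFAULT) ignores bytes past 72

// Repeats the minlength/maxlength checks on the server, where they cannot be
// skipped. Returns a list of error messages; an empty list means valid.
function validate_new_password($password, $confirm): array {
    if (!is_string($password) || !is_string($confirm)) {
        return ['Password and confirmation are required.'];
    }
    $errors = [];
    $bytes = strlen($password); // byte length, which is what bcrypt cares about
    if ($bytes < PASSWORD_MIN_LENGTH) {
        $errors[] = 'Password is too short.';
    }
    if ($bytes > PASSWORD_MAX_LENGTH) {
        $errors[] = 'Password is too long.';
    }
    if ($password !== $confirm) {
        $errors[] = 'Passwords do not match.';
    }
    return $errors;
}

// Login check: returns [matched, replacement hash or null]. A replacement is
// produced when the stored hash uses outdated parameters.
function check_login_password(string $submitted, string $storedHash): array {
    if (!password_verify($submitted, $storedHash)) {
        return [false, null];
    }
    $upgraded = password_needs_rehash($storedHash, PASSWORD_DEFAULT)
        ? password_hash($submitted, PASSWORD_DEFAULT)
        : null;
    return [true, $upgraded];
}

// Constructed input standing in for $_POST from a registration form.
$post = ['password' => 'correct horse battery', 'password_confirm' => 'correct horse battery'];
if (validate_new_password($post['password'] ?? null, $post['password_confirm'] ?? null) === []) {
    $stored = password_hash($post['password'], PASSWORD_DEFAULT); // store this, never the password
    var_dump(check_login_password('correct horse battery', $stored)[0]);
    var_dump(check_login_password('wrong guess', $stored)[0]);
}
// A hand-crafted request never sees minlength; the server still rejects it.
print_r(validate_new_password('short', 'short'));
```

When check_login_password() returns a replacement hash, write it back to the user's record so older hashes are upgraded at the next successful login.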