I thought that was a pretty good list apart from the missing "Allow users to paste their username/password into a field".
The common pattern I hate though is when you have the password field focused and switch out of your browser to your password manager to look it up, only to get a jarring message (or worse, a modal popup) admonishing you or having "too few" characters in your password. Seems like some sensible logic could obviate that a bit.
The common pattern I hate though is when you have the password field focused and switch out of your browser to your password manager to look it up, only to get a jarring message (or worse, a modal popup) admonishing you or having "too few" characters in your password. Seems like some sensible logic could obviate that a bit.