diff --git a/CHANGELOG.md b/CHANGELOG.md
index fd4b17a..7a90834 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -24,6 +24,7 @@ This file is used to list changes made in each version of the openstack-dashboar
 * Fix site template directory defaults for apache 2.4
 * Use common specific_endpoint routines (bug 1412919)
 * Fix notify when using listen_addresses
+* Change default for password_autocomplete to off for better default security
 
 ## 9.1
 * python_packages database client attributes have been moved to the -common cookbook
diff --git a/README.md b/README.md
index 8012cfc..4ec5a24 100644
--- a/README.md
+++ b/README.md
@@ -60,7 +60,7 @@ Attributes
 * `openstack['dashboard']['simple_ip_management']` - Boolean to enable or disable simplified floating IP address management
 * `openstack['dashboard']['http_port']` - Port that httpd should listen on (default: 80)
 * `openstack['dashboard']['https_port']` - Port that httpd should listen on for using ssl (default: 443)
-* `openstack['dashboard']['password_autocomplete']` - Toggle browser autocompletion for login form ('on' or 'off', default: 'on')
+* `openstack['dashboard']['password_autocomplete']` - Toggle browser autocompletion for login form ('on' or 'off', default: 'off')
 * `openstack['dashboard']['ssl_no_verify']` - Disable SSL certificate checks (useful for self-signed certificates)
 * `openstack['dashboard']['ssl_cacert']` - The CA certificate to use to verify SSL connections
 * `openstack['dashboard']['misc_local_settings']` - Additions to the local_settings conf file
diff --git a/attributes/default.rb b/attributes/default.rb
index faef148..d4cb82f 100644
--- a/attributes/default.rb
+++ b/attributes/default.rb
@@ -200,7 +200,7 @@ default['openstack']['dashboard']['log_level']['openstack_auth'] = 'INFO'
 default['openstack']['dashboard']['log_level']['nose.plugins.manager'] = 'INFO'
 default['openstack']['dashboard']['log_level']['django'] = 'INFO'
 
-default['openstack']['dashboard']['password_autocomplete'] = 'on'
+default['openstack']['dashboard']['password_autocomplete'] = 'off'
 default['openstack']['dashboard']['simple_ip_management'] = false
 default['openstack']['dashboard']['neutron']['enable_lb'] = false
 default['openstack']['dashboard']['neutron']['enable_quotas'] = true