Kee does work for login pages without a form but in this specific case there is also a search field on the page so we can’t be very confident that the username and password fields are part of a login form (rather than some other general form, advanced search feature, etc.) - the same problem would occur if a website included both search and login functionality in the same form, though I’ve never seen an example of this in the real world.
I’ve noticed a number of TD branded websites that suffer from poor sign-in form implementations so perhaps they share similar systems or people, though they’re not the only ones that fail to follow good practice in this area. Thankfully this is a declining practice overall - you’re right that it won’t be the last but the trend is towards better structured web pages, not least because it helps companies to adhere to the accessibility laws in certain countries.
Essentially you need to:
- Ensure that your entry for this site has a form field ID configured to
username for the user name field.
- Add a per-site configuration setting for
www.tdautofinance.com with the Text field ID and name Black List options set to something that overrides the default blacklist (which includes things like
search). For example, just enter
fakefield into each of those two configuration fields.