diff --git a/resources/static/dialog/controllers/authenticate.js b/resources/static/dialog/controllers/authenticate.js
index c8de422b80eda1441f004814c0a3a7c8eace76c7..ac413aa99a82cb3fd6573580dee2a04d4e83e99c 100644
--- a/resources/static/dialog/controllers/authenticate.js
+++ b/resources/static/dialog/controllers/authenticate.js
@@ -120,6 +120,8 @@ BrowserID.Modules.Authenticate = (function() {
function enterPasswordState(callback) {
var self=this;
+ dom.setInner("#password", "");
+
self.publish("enter_password", addressInfo);
self.submit = authenticate;
showHint("returning", function() {
diff --git a/resources/static/test/cases/controllers/authenticate.js b/resources/static/test/cases/controllers/authenticate.js
index e410de5e57adfa512fbdd34e96339a1528a49930..6827fce0d83f54e2cb3f554eba3c990c8e055ce1 100644
--- a/resources/static/test/cases/controllers/authenticate.js
+++ b/resources/static/test/cases/controllers/authenticate.js
@@ -117,6 +117,34 @@
controller.checkEmail();
});
+ asyncTest("clear password if user changes email address", function() {
+ xhr.useResult("known_secondary");
+ $("#email").val("registered@testuser.com");
+
+ var enterPasswordCount = 0;
+ mediator.subscribe("enter_password", function() {
+ // The first time the password is shown, change the email address. The
+ // second time the password is shown, make sure the password was cleared.
+
+ if(enterPasswordCount == 0) {
+ // simulate the user changing the email address. This should clear the
+ // password.
+ $("#password").val("password");
+ $("#email").val("testuser@testuser.com");
+ $("#email").keyup();
+ controller.checkEmail();
+ }
+ else {
+ equal($("#password").val(), "", "password field was cleared");
+ start();
+ }
+
+ enterPasswordCount++;
+ });
+
+ controller.checkEmail();
+ });
+
asyncTest("checkEmail with email that has IdP support - 'primary_user' message", function() {
$("#email").val("unregistered@testuser.com");
xhr.useResult("primary");