Disable "autocomplete" or Set autocomplete="off" in input tag password field.
This is 99% ignored by majority of web developers today.
Before Jeremiah's Research, it was widely believed that this autocomplete issue is ONLY a local privacy issue. Attackers who physically gain access to a victim's machine can gain access to his browser autocomplete values.
Research security-related recommendations that have been acted upon issues which are considered as low-risk or impossible-to-happen.
Work harder or think out of the box to create an amazingly PoC that transforms such low-risk to medium/high one.