diff --git a/packages/rrweb-snapshot/src/snapshot.ts b/packages/rrweb-snapshot/src/snapshot.ts
index 04a7383c16..f89cd919e5 100644
--- a/packages/rrweb-snapshot/src/snapshot.ts
+++ b/packages/rrweb-snapshot/src/snapshot.ts
@@ -383,6 +383,24 @@ export function needMaskingText(
: node.parentElement;
if (el === null) return false;
+ if (el.tagName === 'INPUT') {
+ // Special cases: We want to enforce some masking for password & credit-card related fields,
+ // no matter the settings
+ const autocomplete = el.getAttribute('autocomplete');
+ const disallowedAutocompleteValues = [
+ 'current-password',
+ 'new-password',
+ 'cc-number',
+ 'cc-exp',
+ 'cc-exp-month',
+ 'cc-exp-year',
+ 'cc-csc',
+ ];
+ if (disallowedAutocompleteValues.includes(autocomplete as string)) {
+ return true;
+ }
+ }
+
let maskDistance = -1;
let unmaskDistance = -1;
diff --git a/packages/rrweb-snapshot/test/__snapshots__/integration.test.ts.snap b/packages/rrweb-snapshot/test/__snapshots__/integration.test.ts.snap
index 30fa232b9d..5412826dac 100644
--- a/packages/rrweb-snapshot/test/__snapshots__/integration.test.ts.snap
+++ b/packages/rrweb-snapshot/test/__snapshots__/integration.test.ts.snap
@@ -277,25 +277,25 @@ exports[`integration tests [html file]: form-fields-sensitive.html 1`] = `