MSCRM Create Password Field with JavaScript

Dynamics CRM does not currently provide the ability to add password fields to a form. With this script, we show a way to make an input field on an Entity Form to be of type “Password”.

OGBIT.PasswordField = {
    Init: function (fields) {

        var ids = fields.split(';');
        for (var idx in ids) {
            var id = ids[idx];
            var control = document.getElementById(id);
            if (control && typeof (control) != "undefined") {
                control.setAttribute("type", "password");
                OGBIT.PasswordField.Show(id, true);
    Show: function (id, cmd) {
        var control = Xrm.Page.getControl(id);
        if (control)

The Init function takes a semi-colon delimited string with field ids. For each field id, we set the attribute of the input field to type password. This automatically masks the text in the field with asterisks (*), and the actual character values are not affected. Since there is a delay between the JavaScript changing the field type and the form showing the values, we need to initially hide the field on the form. This prevents the users from seeing the actual text. This Script uses the Xrm JavaScript framework to get the field reference and setting the visibility attribute to true right after changing the field type attribute. See the Show function for more details.

To make this work on CRM, you can add this script as a web resource and configure this script to execute on the OnLoad event of the entity form.  We can then add the string with the field names that should be set to type password. This string should map to the fields parameter of the Init function.
We should note that this approach has a limitation. If you look at the html source, you will see the actual password value. If this is not desirable, additional work needs to be done. An approach can be to never include the actual field on the form and to handle the update via the OData web services.

I hope you find this useful.