The problem is, the page with the forms won't have anything preventing auto-complete to not work unless it might be an ASP page (I don't know if they do any kind of circumvention for things like this, like password fields are filled with *'s automatically). IE's to blame here for allowing ANY field to be filled in, no matter what the content, cookie timeout length, secure pages, etc etc.

I'd simply make it (if I were doing anything with IE) so that any page that's "secure" to not cache anything previously put in said fields.

EDIT: of course, that would require IE to UPDATE their browser and we know that hasn't happend in quite some time. <shameless plug> Opera 7 now has the 2nd beta out! </shameless plug>