Using a 3rd party vendor is all good and dandy, except when they make things up or misinterpret things.. I read the 'required steps' to become PCI DSS compliand and could not seem to find anything relating to removing the 'remember me' functions or the autofill for any of these fields.
I just want to make sure that I didn't miss an update to the PCI DSS, for my client's benefit.