Add warning about password role (#396)

* Add warning about password role

* Make password warning note use warning styling

* Make whitespace consistent

aria/aria.html

@@ -4555,6 +4555,7 @@ <h5 id="role-none-ednote-none">Editorial Note regarding the ARIA 1.1 <code>none<
 			<rdef>password</rdef>
 			<div class="role-description">
 				<p>[ARIA 1.1] An <rref>input</rref> for entering a password.</p>
+				<p class="warning">The <code>password</code> <a>role</a> does not convey or apply any of the security or privacy considerations found in native password fields. Authors are responsible for making sure that custom password fields have robust security and privacy protection, as befits their use.</p>
 				<p>The <code>password</code> <a>role</a> makes it possible for <a>assistive technologies</a> to customize their behavior in order to not inadvertently expose private information. For instance, a screen reader which normally echoes key presses might instead remain silent or echo each displayed character as it is inserted. In order to facilitate the latter behavior, authors SHOULD set the <code>password</code> element's text to characters which obscure the real value, when that value is obscured on screen. Authors SHOULD also update that text each time a character is inserted or deleted by the user.</p>
 				<p>In order to ensure that passwords will not be overheard during input, assistive technologies SHOULD NOT echo key presses of printable characters when an element with role <code>password</code> has focus, unless the user has explicitly enabled this option. If the user has enabled key echo, assistive technologies SHOULD present each rendered character as it is inserted rather than speaking a predetermined character, such as &quot;star.&quot; Presenting the rendered characters ensures that all users receive the same information, including notification when the value is being entered into an unobscured <code>password</code> field.</p>
 			</div>