In my PHP script I may generate a QR code that is used as a two-factor authentication private key for a user login. (Such QR code is shown only at the moment when user account is created.) The QR code itself is generated as an image as such:
<img src="https://chart.googleapis.com/chart?chs=200x200&chld=M%7C0&cht=qr&chl=otpauth://totp/Example:alice@gmail.com?secret=TGABZXEP4LKB46AX&issuer=Example" alt="QR code">
Because this QR code contains sensitive information, I was wondering if there's a way to prevent web browsers from caching (or in any way saving) this image on the client's computer?