Security Considerations re: Forms and PASSWORD input fields

Dan Connolly (
Mon, 8 May 95 16:11:14 EDT

I kinda slipped this one in. What do you think?


|The widely deployed methods for submitting forms requests -- HTTP and
|SMTP -- provide little assurance of confidentiality. Information
|providers who request sensitive information via forms -- especially by
|way of the `PASSWORD' type input field -- should be aware and make
|their users aware of the lack of confidentiality.