0

Hello,
I noticed that on some forms the password is not echoed after the user submits the form and the page reloads(this could because of errors or any other reasons). Why is this? Is there a valid security reason? Or is it just overkill? Thanks in advance.

3
Contributors
4
Replies
5
Views
9 Years
Discussion Span
Last Post by ryy705
0

Daniweb's registration is a good example. If you fill in all the fields and enter in a wrong entry for the image verification field, all the inputs will be echoed out except for the password field and the image verification field. Is this some kind of security method?

0

Hello,

In short yes - passwords are not transmitted back in that way as in one form or the other they would be plain text. If someone crafty were to open up the source on the page they'd have access to that persons password from the returned incomplete form.

Kind Regards,
Dan

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.