Quote Originally Posted by V3nn3tj3 View Post
Please use a password instead of textbox, this makes the password secure, and not readable to the user...
I know, this makes you get a char[] instead of a string, but this is much more secure, i do hope you don't send the password trough in plain text? Ifso, this would be very bad...
Also, you could store the password as a SHA-1 String or something (possible to convert char[] to SHA-1, there are functions for it), and this SHA-1 should be send to server then!
The password is also in 'plaintext' on the site, so in my eyes it wouldn't make a difference if you would hide it or not in the app. Furthermore, you don't need to worry about your password as this 'password' string does not contain your forum password. The "password" contains a mix of secret elements, and are encrypted with a password no one will guess. In summary: there is no security risk