The password type of the <input> element represents a one-line plain-text edit control for entering a password, which renders input text in such a way as to hide the characters (e.g., a series of asterisks).
**Security Warning: **Using this object incorrectly can compromise the security of your application. Passwords submitted through input type=password are not encrypted and therefore not secure. Using Secure Hypertext Transfer Protocol (HTTPS) is strongly recommended. You should also use the post method for submitting passwords. This submission method hides the password from most users by placing it in the HTTP header. The get method submits the password as part of the URL string, which might be exposed in the Address bar and the status bar. You should review the Security Considerations: Dynamic HTML before continuing. Note Starting with Internet Explorer 10, password fields will automatically display a warning if the caps lock is on. To turn off the automatic caps lock warning, use the msCapsLockWarningOff property on the document object.
- Document Object Model (HTML) Level 1
- Form controls part 1Form controls part 1
- Form controls part 2: validationForm controls part 2: validation
Microsoft Developer Network: [Windows Internet Explorer API reference Article]