High This Hint is very important, and definitely warrants attention. Issue This Hint represents an error or problem that needs to be fixed.

HTTP URL contains a password input field

This means that the URL in question uses the HTTP protocol, but contains a form with a password input field.

Why is this important?

Sensitive data such as passwords should be transferred using a secure method. Since HTTP URLs are not secured with SSL, the form itself could be compromised before the data gets processed, therefore this is not secure.

What does the Hint check?

This Hint will trigger for any internal HTTP URL which contains a <input type=password> password field.

Examples that trigger this Hint:

This Hint would trigger for any URL if it contained the following in the HTML:

User name:<br>
<input type="text" name="username"><br>
User password:<br>
<input type="password" name="psw">

How do you resolve this issue?

The best approach would be to load the entire site over HTTPS, since there are loads of good reasons to do this.

However, if this is not possible, then you need to remove the form from the HTTPS page, and instead link to a dedicated (HTTPS) page or pop it up in a separate window.

Further reading

Free 14 day trial.
Full, unrestricted access.
No credit card required.

Try Sitebulb for Free