http://unfuddle.com/community Unfuddle Community Forums www.unfuddle.com/community:3:967:2757 http://www.unfuddle.com/community/forums/3/topics/967 When I login with the ajax login form, I noticed that from that point on, my urls contain both my username and password in plaintext. ie https://my-site.unfuddle.com/...?ajax_username=my-username&ajax_password=my-password. That isn't very secure. This only happens when my session expires while I'm working in unfuddle and the ajax popup comes up. Wed, 18 Aug 2010 22:10:17 UTC kleinmp www.unfuddle.com/community:3:967:2758 http://www.unfuddle.com/community/forums/3/topics/967 Kleinmp, You are right. This is insecure and completely unacceptable. This issue was the unfortunate result of a very recent (within the last 24 hours) deploy. Please note that the issue only persisted for a few hours earlier today and has since been fixed. If you have not done so already, please clear your cache and reload Unfuddle in your browser to make sure you have the updated interface. I apologize for the inconvenience. Wed, 18 Aug 2010 23:30:14 UTC David C.