Me wrote:
I am passing the userid and password from one asp page to
another, how can I restrict it from displaying it on the
url?
Eg. http://mywebsite/employeeinformation...ariable=myname
If you do not want credentials in the querystring, do not put them there.
That leaves the rest of the request, including headers. None of these is an
especially great parking place for credentials unless you are using SSL.
The *simplest* solution is probably to use integrated Windows security.
Alternately, you could store credentials in session variables. Your question
is far to general to merit further comment.
--
Dave Anderson
Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms.