I was trying to send username and password over POST method in my android app. As I understand from the standard examples, we declare a UrlEncodedFormEntity
object followed by a httpPost.setEntity(urlEncodedFormEntity)
My question is that is it considered "safe" to send passwords via this method (assuming that there is an encryption available)?
This is as I have also read posts saying that one should not send passwords via the GET method, as it may be encoded into the URL string. If so, does the UrlEncodedFormEntity
do the same thing? (By the wording URL encoded).
My networking knowledge is rather fuzzy and thanks all for the help.