In PHP, when making a login page, if your page is HTTPS, is it common for the username/password to appear in the request post information?
Shouldn't the password be encrypted? What am I missing?
Here is an example of what I'm talking about: this website is called souq.com where you can see in Firebug monitoring it's showing the username and password.