You save them in a database. Probably in clear text. Six of one, half-dozen of the other.
A password being put into a normal text field in a properly submitted form is a lot less likely than getting into some query or path. And a database is more likely to be handled properly than some random log file.
Six of one, .008 of a dozen of the other.
A password being put into a normal text field in a properly submitted form is a lot less likely than getting into some query or path. And a database is more likely to be handled properly than some random log file.
Six of one, .008 of a dozen of the other.