haruki zaemon

Reckon you've seen some stupid security things? Here, hold my beer...

Yes, that’s just a Base64-encoded version of your password in a cookie, and yes, it’s being sent insecurely on every request, and also yes, it’s not flagged as “Secure”, so it’s being sent in the clear.
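A defender's check for the two problems described above, as an added example that is not part of the original post: it audits a `Set-Cookie` header for missing `Secure`/`HttpOnly` attributes and for a value that is merely Base64 of readable text. The function names and both sample headers are constructed for illustration.

```python
import base64
from urllib.parse import unquote


def decode_if_base64(value):
    """Return decoded text if value is Base64 of printable text, else None."""
    raw = unquote(value).strip('"')
    if len(raw) < 8:
        return None  # too short to judge reliably
    padded = raw + "=" * (-len(raw) % 4)  # tolerate stripped padding
    try:
        # validate=True rejects anything outside the standard Base64 alphabet
        text = base64.b64decode(padded, validate=True).decode("utf-8")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None
    return text if text.isprintable() else None


def audit_set_cookie(header):
    """Audit one Set-Cookie header value; return a list of findings."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {p.partition("=")[0].strip().lower() for p in parts[1:]}
    findings = []
    if "secure" not in attrs:
        findings.append(f"{name}: no Secure attribute, can be sent over plain HTTP")
    if "httponly" not in attrs:
        findings.append(f"{name}: no HttpOnly attribute, readable by page scripts")
    if decode_if_base64(value) is not None:
        findings.append(f"{name}: value is Base64 of readable text, not encrypted")
    return findings


# Constructed sample headers (not taken from the site in the post).
# WEAK mirrors the pattern described: an encoded password, no Secure flag.
WEAK = "pw=" + base64.b64encode(b"example-password").decode() + "; Path=/"
# BETTER carries an opaque random session identifier with protective attributes.
BETTER = "sid=q9Zx_7-Lk2Vt0aYb3Hn5Rw; Path=/; Secure; HttpOnly; SameSite=Lax"

if __name__ == "__main__":
    for hdr in (WEAK, BETTER):
        print(hdr, "->", audit_set_cookie(hdr) or "no findings")
```
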