There is a lot of ways to secure and encrypt your password. What i usually do is, take the values and send them to the CF server using AJAX as binary code. Like using ajax to upload a file. Basically the string get encoded encrypted thru the ajax. And the XML file changes order and format per request. There is an encrypted variable that defines what type of XML format is been submited as. Then on the CF side i get the values. Read the XML, parse it and then unencrypt the password and user. By the way the user and password get encrypted as one string together. And the delimeter changes randomly. I did this type of login for a transaction based website that wanted something really complicated and secure.