I have a requirement to authenticate my app users through Active
Directory. My login form captures a user's ID and password and passes
them to a net/ldap routine. I'm using form_for...|form| to create
the form and form.password_field to create the password field. The
password entry is encrypted on the screen but appears unencrypted in
the development log in the params listing.
What can I do to keep the unencrypted password from appearing in the