I am running my application through HTTPS, and when attempting to log in, I need to send my username and password. However, in the devtools of the browser, the sensitive information is visible in plain text. What steps can I take to ensure that the data remains encrypted and secure even when inspecting network traffic in the devtools?
As long as the request is being sent through https , your data will be generally safe from any MITM attack, For example, from users sharing the same wifi, your isp provider, any vpn etc won't be able to access your sensitive data. But your browser and the backend server will still have access to it and can be stolen through xss attacks, browsers with bad security or using malicious browser extensions