I know it is seen easily. That's why I have 2 reandom generated keyes to Encrypt and Decrypt the password with. And the Cookies I create, expires in a sec, right after the next script receives them. The Encrypter is to Encrypt passwords that are send by <input> from a login part of my community. When the server recieves the password, the PHP part of the Encrypter calls the 2 cookies that were created using the JavaScript Part of the encrypter, decrypts the password using the 2 keyes, and expires the cookies .... But I can not use PHP to Encrypt the password before it is send to the server, that requires Client Side scripting. And I see 2 problems using Cookies to tranfer the keyes. 1: The cookies are not allways created in time for the next script to recieve them. 2: Cookies are not the most secure place to store that kind of information. Not even in a sec. Now, I am not a shark at XML. I just started using it. But is XMLHTTPRequest not less secure place to store information then cookies?? I think I wrote it wrong before, sorry... It's like i wrote above. It is not the password it self I need to tranfer. That I do with a form. It is the 2 keyes that is needed to decrypt the password I need to tranfer...