Unprotected Transport of Credentials

Login pages not using adequate measures to protect the user name and password while they are in transit from the client to the server. This weakness is caused by missing a security tactic during Architecture and Design stage.