You happen to be on issue re: information and facts leakage and This could be a crucial thought for any person rolling their very own authentication/authorization scheme. +1 for mentioning OWASP. If you do require to do this, utilize a Virtual Non-public Network or VPN. A VPN will defend any http://pigpgs.com
