From a security point-of-view POST and GET are more or less the same. While it is true that POST doesn't show information via the URL, it exposes the same information as a GET in the actual network communication. Some would say using usr/pwd over http is completely unsafe. If security is an issue you better use https, sufficient for most purposes.

Cheers

Harry