markjugg has asked for the wisdom of the Perl Monks concerning the following question:

I've recently begun using HTML::FillInForm to redisplay CGI forms with errors highlighted. I'm curious about security issues with redisplaying password fields.

It seems that if I'm sending the password the server as plain text, the security is not much worse to have it sent back as plain text. However, would having the password field pre-filled possibly cause a browser to cache it in that state? I realize this question isn't specific to Perl, but I thought someone might have a pointer on it. Thanks!