In VT100/VT220/VT320 emulations, the DHTML client utilizes a local echo technique to avoid sluggishness at the client due to round-trips to the host. One area that this can affect is the potential for unwanted display of password text which is NOT typically echoed by the host.
To avoid this, you need to define password prompt strings so that the client logic knows when to NOT echo keystrokes locally.
VT Password Definition
Open the SCHSDef.js file in your favourite editor (e.g. Notepad). The LoadHSDefs function initialises how VT password entry is handled to avoid password characters appearing on the screen. Each row will be checked for the text in the pwCheckText variable. If the text appears on the row then each character will be sent to the host and the key pressed will not be displayed. For example the following line of code would check for “password” or “pw”:
pwCheckText="*password*pw*";