Endpoint Application Control always protects passwords sent between web browsers and the server by using RSA encryption, salts, and hashes. Hackers can sniff the packets and attempt to use them to gain access to the console. But, hackers should be unable to perform reply attacks or decrypt passwords.
Properly configuring and using Transport Layer Security (TLS) or Secure Sockets Layer (SSL) can enhance password and communication security. To learn more about TLS/SSL, see TLS/SSL Considerations.
For web console accounts and passwords, Endpoint Application Control is unable to support "fullwidth form" characters, such as those used by Japanese, Chinese, and Korean.