Yes, that is acceptable. Even if the password is visible in the Networks tab - only the user who entered it would be able to see it. An attacker without physical access, would not be able to see the contents of the Networks tab/console.
Also, would recommend you to enable HSTS. Forgot to mention in my earlier comment.
It stands for HTTP Strict Transport Security. It is a method used by websites to declare that they should only be accessed using a secure connection (HTTPS). If a website declares an HSTS policy, the browser must refuse all HTTP connections and prevent users from accepting insecure SSL certificates. HSTS is currently supported by most major browsers (only some mobile browsers fail to use it).
Hope this helps!
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Yes, that is acceptable. Even if the password is visible in the Networks tab - only the user who entered it would be able to see it. An attacker without physical access, would not be able to see the contents of the Networks tab/console.
Also, would recommend you to enable HSTS. Forgot to mention in my earlier comment.
Hope this helps!