Why doesn't InfoPath have a Password control?

Q: I want to create a control for entering passwords in an InfoPath form. How do I do this?

A: InfoPath cannot guarantee the security and privacy of text entered into a password control, so it does not contain such a control.

But Why?

A typical password control contains features that make it hard for anyone but the user typing the password to discover what that text is. Password controls may also interact with a secure server so that the password is not sent in clear text, but is instead encrypted. Further, copying the text from a password control is not allowed.

Because InfoPath allows files to be stored to a user’s local file system, InfoPath will the store the value typed into a field along with the XML. Additionally, InfoPath does not perform encryption of network traffic, meaning field values used as passwords will always be sent in clear text.

But I still want a password control

For the above reasons, we discourage using the contents of a field in an InfoPath form for entering and submitting passwords. Additionally, modifying the files used to create an InfoPath view to use the standard HTML password control (e.g. <INPUT type=”password” ID=”MyPassword”>), will not work in InfoPath. The nearest behavior that can be achieved is to format an InfoPath Text Box control to use a symbol font set, such as WebDings or WingDings so that the text being entered cannot easily be read as it is being typed.