I have the same user/password page on 2 different windows servers. Both IIS7
When I type an incorrect username/password on server 1 I get redirected to my incorrect password page and the URL shows:
Which is correct. BUT.
On server two it shows more of the error message in the URL. In fact if the user is correct but the password isn't it will give those details in the URL. I think this may be an IIS configuration. Can you please shed some light on what to change so it doesn't display that additional information on server2 ?