Why doesn't SSL encrypt my password?

I navigated to a website which appears to use SSL. I believe it uses SSL for the following reasons:
1.) the domain name is preceded by "https://" instead of just "http://"
2.) The login page has a "login" button with a padlock Icon on it.

I could be wrong, and am a bit confused though whether SSL is being used or not. If I right click on the web page and look at the properties dialog box it lists a bunch of information. Here is some of the information displayed:
Protocol: Hyper Text Transfer protocol with privacy
Connection: TLS 1.0.AES with 256 bit encryption (High);
                       ECDH_P256 with 256 bit exchange
Zone:              Local Intranet| Protected mode : Off
Also their is a button on the dialog box with a "Certificates" button on it. If I press on that button another dialog box will be displayed with 3 tabs on it, "General","Details", and "Certification Path".
There are two other buttons on the dialog box. One is labeled "Install Certificate" and the other is labeled "Issuer Statement". On the General tab the following information is displayed :
Issued by: VeriSign Class 3 Secure Server CA - G3.

On the login webform for this site, when I load the web form, my username is automatically populated in the username text box, and so is my password, which is masked by black dots, which is good.

So I am confused, because if I press the F12 button in IE11, and examine the html markup, I am able to view the password which is masked on the web form.

So if this site is using SSL why is my password still visible in the HTML markup? I thought that SSL would prevent this. I thought the SSL would encrypt the password, so that it would not be visible in the markup.
LVL 2
brgdotnetcontractorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

rindiCommented:
Passwords and data aren't encrypted in your browser or history, but rather the communications between your PC and the servers are encrypted, making it hard for those who intercept the communication to make any sense of what your PC and the servers are talking about.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Mal OsborneAlpha GeekCommented:
If you are worried, install a packet capture utility, and hunt for clear text passwords. Wireshark is free and pretty good.
0
Dave BaldwinFixer of ProblemsCommented:
rindi is correct, the data is only encrypted by SSL/TLS when it is in transmission from your browser to the server.  That is all that HTTPS does.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SSL / HTTPS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.