diff --git a/webgoat-lessons/secure-passwords/src/main/java/org/owasp/webgoat/plugin/SecurePasswordsAssignment.java b/webgoat-lessons/secure-passwords/src/main/java/org/owasp/webgoat/plugin/SecurePasswordsAssignment.java
index aa35a5cc8..f3dea6c63 100644
--- a/webgoat-lessons/secure-passwords/src/main/java/org/owasp/webgoat/plugin/SecurePasswordsAssignment.java
+++ b/webgoat-lessons/secure-passwords/src/main/java/org/owasp/webgoat/plugin/SecurePasswordsAssignment.java
@@ -38,7 +38,7 @@ public class SecurePasswordsAssignment extends AssignmentEndpoint {
         DecimalFormat df = new DecimalFormat("0", DecimalFormatSymbols.getInstance(Locale.ENGLISH));
         df.setMaximumFractionDigits(340);
 
-        output.append("<b>Your Password: </b>" + password + "</br>");
+        output.append("<b>Your Password: *******</b></br>");
         output.append("<b>Length: </b>" + password.length()+ "</br>");
         output.append("<b>Estimated guesses needed to crack your password: </b>" + df.format(strength.getGuesses())+ "</br>");
         output.append("<div style=\"float: left;padding-right: 10px;\"><b>Score: </b>" + strength.getScore()+ "/4 </div>");
diff --git a/webgoat-lessons/secure-passwords/src/main/resources/html/SecurePasswords.html b/webgoat-lessons/secure-passwords/src/main/resources/html/SecurePasswords.html
index a965e00dc..7878b2155 100644
--- a/webgoat-lessons/secure-passwords/src/main/resources/html/SecurePasswords.html
+++ b/webgoat-lessons/secure-passwords/src/main/resources/html/SecurePasswords.html
@@ -26,7 +26,7 @@
             <table>
                 <tr>
                     <td><label>Password</label></td>
-                    <td><input name="password" value="" type="TEXT" placeholder="Enter a secure password"/></td>
+                    <td><input name="password" value="" type="password" placeholder="Enter a secure password"/></td>
                 </tr>
                 <tr>
                     <td><button type="SUBMIT">Submit</button></td>