Learned a new term today going through 19 Deadly Sins of Software Security. They give an example of a URL containing a strange looking id parameter: 1www.xyzzy.com?id=TXkkZWNyZStwQSQkdzByRA== Turns out a simple run through a base64 decoder for gives you: 1My$ecre+pA$$w0rD The authors then refer to this as an “encrapted” password.