override protected void OnLoad(EventArgs e) { base.OnLoad(e); // *** Post back password values as well - you can always clear it manually if (this.TextMode == TextBoxMode.Password) this.Attributes.Add("value", this.Text); }As to security risk - possible, then again if you're posting hte page you're also sending it back from the client so this isn't exactly a big issue.