why not
Idk it seems not cool
And insecure
it's secure
Oh ok
if your website has an XSS its definitely not secure.
passwords should not be used for authentication past login