login() method logs passwords

[vEpiphyte]

The login() method ends up resulting in the user credentials being logged at the debug log level ( through login() -> execute() -> send() ).

It would be nice if the password was not logged; but I don't see a great mechanism currently to omit a specific subset of data in the send() method.

[bamthomas]

hmm you're right. Maybe with a regexp ?

[vEpiphyte]

@bamthomas I put up a PR related to this for scrubbing arbitrary strings out of the send() command.