Currently after login/logout, a user's password still exists in component state and can be retrieved with console access.
This adds 2 redundant behaviors:
On successful login, the component will automatically clear the password field.
On session change (such as a login) the entire component will be destroyed. I think this is a good practice to also clear the username field and whatever other state has accumulated, but there may be reasons not to do this, so the decision is left up to the app developer.
Currently after login/logout, a user's password still exists in component state and can be retrieved with console access.
This adds 2 redundant behaviors: