Move password to body of message for authentication.

[ranganathanm]

The access log of the web server will include the URL of the request. Therefore, you cannot put the password in as part of the URL. The authentication url includes the password currently. This is a security issue.

[jkubNTIA]

This is fixed with the JSON data now storing the password