FreeKB - Wireshark View HTTP usernames and passwords
Wireshark - View HTTP usernames and passwords

Lets say there is a Web page Notice this page is using the unencrypted HTTP protocol. We can follow these steps in Wireshark to capture the unencrypted packets:

  1. Start a capture in Wireshark.
  2. Navigate to and sign in. In this example, username and password Super-secret-password are used.
  3. Stop the catpure in Wireshark.
  4. Type HTTP into the Filter and select Apply.
  5. Highlight the POST /Account/Login packet.
  6. Expand HTML Form URL Encoded.


Using the same example, instead of signing in at, if we signed in the HTTPS page,, and run Wireshark, we can see the traffic is definitely encrypted, and we can not see the username or password.


Note: If we have access to the private key, we can decrypt the SSL traffic.

Add a Comment

We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.

Please enter 91c9d in the box below so that we can be sure you are a human.


Web design by yours truely - me, myself, and I   |   |