Please stop sending user passwords through http in plain text (and saving them as plain text in the .ini) soon.
I assume that both of you know that this is everything but secure, and I hope you're not saving the passwords as plain text in your database...
