If the content is highly confidential, use SSL. It will encrypt the user ID or password so any hackers intercepting Internet traffic will not be able to read the data passing through the Internet.
Depending on how you are authenticating, make sure you are not vulnerable to SQL Injection attacks. For more information about preventing SQL injection vulnerabilities, check out http://www.unixwiz.net/techtips/sql-injection.html. SearchAppSecurity.com also has a few tips on SQL injection in this feature, Don't become a victim of SQL injection.
This was first published in May 2006