Monitoring scenarios may pass the credentials to access a site as part of the site URL, for example
https://john:firstname.lastname@example.org. When listing the URLs of the slowest requests in alert e-mails or on the scenario execution page, it might happen that sensitive information is revealed. Now access credentials are no longer visible, but displayed in masked form only, such as
https://< user >:< password >@example.com.