ASM can see the uncrypted password of users

Hi,

I am testing with my ASM v11+HF6, and used the logging profile (all requests), but ASM show me the name of user and password of user. I created a login page with value only of username form id and enabled the sessions awareness and select the login page that created before. What can i do to hide this sensitive data? I enabled the data guard and enforce the login page and still capture the password on logs.

Regards