I use some customer landscape and to login to some server I've some popup which ask to provide user password to sys that I want to connect. while open the debug option in chrome I see in the request payload the password which I typed in the UI pop-up.
The ability of the person typing the password into the browser to see what that password is is not a security issue.
(If the password isn't sent to the server in an encrypted form, then that would be an issue, but nothing you've said indicates that that is the case.)