Do not sanitize password fields

# the password

php > $geeks="pass<h1>word";

php > $newgeeks = filter_var($geeks, FILTER_SANITIZE_SPECIAL_CHARS);

# after sanitizing it became

php > echo $newgeeks;

pass<h1>word