diff --git a/harbour/ChangeLog b/harbour/ChangeLog index 6a53020506..16b477e749 100644 --- a/harbour/ChangeLog +++ b/harbour/ChangeLog @@ -17,6 +17,26 @@ past entries belonging to author(s): Viktor Szakats. */ +2010-01-13 17:12 UTC+0100 Viktor Szakats (harbour.01 syenar.hu) + * src/rtl/Makefile + + src/rtl/strclear.c + * include/hbextern.ch + + Added HB_STRCLEAR() function to safely clear the content + of a string variable. + Notice that this method by itself can only work if the + string variable has no other references, and generally + you have to code carefully to avoid creating unwanted + copies of the string when passing it around in an app. + So this is no silver bullet, but rather just one component + to solve this problem. + + * contrib/hbnetio/utils/netiosrv.prg + + Added steps to avoid having the password stored in memory, + while the server is running. + + * src/rtl/philes.c + % Minor cleanup. + 2010-01-13 15:45 UTC+0100 Viktor Szakats (harbour.01 syenar.hu) * contrib/hbnetio/utils/netiosrv.prg + Internal change moving all server object related variables to diff --git a/harbour/contrib/hbnetio/utils/netiosrv.prg b/harbour/contrib/hbnetio/utils/netiosrv.prg index c644dc6cb0..3a55e389eb 100644 --- a/harbour/contrib/hbnetio/utils/netiosrv.prg +++ b/harbour/contrib/hbnetio/utils/netiosrv.prg @@ -52,6 +52,8 @@ PROCEDURE Main( ... ) LOCAL cCommand LOCAL cPassword + LOCAL aParam + HB_Logo() netiosrv[ _NETIOSRV_nPort ] := 2941 @@ -60,7 +62,9 @@ PROCEDURE Main( ... ) netiosrv[ _NETIOSRV_lRPC ] := .F. netiosrv[ _NETIOSRV_lEncryption ] := .F. - FOR EACH cParam IN hb_AParams() + aParam := hb_AParams() + + FOR EACH cParam IN aParam DO CASE CASE Lower( Left( cParam, 6 ) ) == "-port=" netiosrv[ _NETIOSRV_nPort ] := Val( SubStr( cParam, 7 ) ) 
@@ -70,6 +74,8 @@ PROCEDURE Main( ... ) netiosrv[ _NETIOSRV_cRootDir ] := SubStr( cParam, 10 ) CASE Lower( Left( cParam, 6 ) ) == "-pass=" cPassword := SubStr( cParam, 7 ) + hb_StrClear( @cParam ) + hb_StrClear( @aParam[ cParam:__enumIndex() ] ) CASE Lower( Left( cParam, 5 ) ) == "-rpc=" netiosrv[ _NETIOSRV_cRPCFFileName ] := SubStr( cParam, 6 ) netiosrv[ _NETIOSRV_cRPCFHRB ] := hb_hrbLoad( netiosrv[ _NETIOSRV_cRPCFFileName ] ) @@ -97,10 +103,10 @@ PROCEDURE Main( ... ) netiosrv[ _NETIOSRV_cIFAddr ],; netiosrv[ _NETIOSRV_cRootDir ],; iif( Empty( netiosrv[ _NETIOSRV_cRPCFHRB ] ), netiosrv[ _NETIOSRV_lRPC ], hb_hrbGetFunSym( netiosrv[ _NETIOSRV_cRPCFHRB ], _RPC_FILTER ) ),; - cPassword ) + @cPassword ) netiosrv[ _NETIOSRV_lEncryption ] := ! Empty( cPassword ) - cPassword := NIL /* Attempt to clear plain text pw from memory */ + hb_StrClear( @cPassword ) /* Attempt to clear plain text pw from memory */ IF Empty( netiosrv[ _NETIOSRV_pListenSocket ] ) OutStd( "Cannot start server." + hb_osNewLine() ) diff --git a/harbour/include/hbextern.ch b/harbour/include/hbextern.ch index 97f9a54d83..650df1437f 100644 --- a/harbour/include/hbextern.ch +++ b/harbour/include/hbextern.ch @@ -931,6 +931,7 @@ EXTERNAL HB_STRTOHEX EXTERNAL HB_STRDECODESCAPE EXTERNAL HB_STRCDECODE EXTERNAL HB_STRXOR +EXTERNAL HB_STRCLEAR EXTERNAL HB_ISPRINTER EXTERNAL HB_GETENV EXTERNAL HB_SETENV diff --git a/harbour/src/rtl/Makefile b/harbour/src/rtl/Makefile index 765bebfc0d..ce227bf0fd 100644 --- a/harbour/src/rtl/Makefile +++ b/harbour/src/rtl/Makefile @@ -163,6 +163,7 @@ C_SOURCES := \ str.c \ strc.c \ strcase.c \ + strclear.c \ strmatch.c \ strpeek.c \ strtoexp.c \ diff --git a/harbour/src/rtl/philes.c b/harbour/src/rtl/philes.c index c2eb1de7f5..bf806bd822 100644 --- a/harbour/src/rtl/philes.c +++ b/harbour/src/rtl/philes.c 
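Review bot: The two `hb_StrClear()` calls added under the `-pass=` case wipe only the Harbour-level copies of the argument (`cParam` and the matching `aParam` element). The password was still supplied on the command line, so the argument vector the process was started with, which this code never touches, presumably still holds it and may be visible in OS process listings. A comment at this spot should say so, for example `/* NOTE: clears Harbour copies only; the OS-level argument list still holds the -pass= value */`. Both return values are discarded, so a clear that did not happen goes unnoticed. The enclosing FOR EACH loop and PROCEDURE Main continue outside the hunk.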
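Review bot: `netiosrv[ _NETIOSRV_lEncryption ] := ! Empty( cPassword )` now runs after `cPassword` has been passed by reference (`@cPassword )`), so the flag depends on whatever the callee leaves in the variable. Whether the callee modifies it is not visible here. Computing the flag before the call would keep it tied to what the user supplied. The opening line of that call is outside the hunk. The result of `hb_StrClear( @cPassword )` is also ignored, so the retained "Attempt to clear" comment could add that a `.F.` return means nothing was cleared.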
@@ -113,11 +113,13 @@ HB_FUNC( FREAD ) { PHB_ITEM pBuffer = hb_param( 2, HB_IT_STRING ); HB_ERRCODE uiError = 0; - ULONG ulRead = 0, ulSize; - char * buffer; + ULONG ulRead = 0; if( HB_ISNUM( 1 ) && pBuffer && HB_ISBYREF( 2 ) && HB_ISNUM( 3 ) ) { + char * buffer; + ULONG ulSize; + ulRead = hb_parnl( 3 ); /* NOTE: CA-Cl*pper determines the maximum size by calling _parcsiz() diff --git a/harbour/src/rtl/strclear.c b/harbour/src/rtl/strclear.c new file mode 100644 index 0000000000..0edc744977 --- /dev/null +++ b/harbour/src/rtl/strclear.c 
@@ -0,0 +1,75 @@
+/*
+ * $Id$
+ */
+
+/*
+ * Harbour Project source code:
+ * HB_STRCLEAR() function
+ *
+ * Copyright 2010 Viktor Szakats (harbour.01 syenar.hu)
+ * www - http://www.harbour-project.org
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2, or (at your option)
+ * any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; see the file COPYING. If not, write to
+ * the Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307 USA (or visit the web site http://www.gnu.org/).
+ *
+ * As a special exception, the Harbour Project gives permission for
+ * additional uses of the text contained in its release of Harbour.
+ *
+ * The exception is that, if you link the Harbour libraries with other
+ * files to produce an executable, this does not by itself cause the
+ * resulting executable to be covered by the GNU General Public License.
+ * Your use of that executable is in no way restricted on account of
+ * linking the Harbour library code into it.
+ *
+ * This exception does not however invalidate any other reasons why
+ * the executable file might be covered by the GNU General Public License.
+ *
+ * This exception applies only to the code released by the Harbour
+ * Project under the name Harbour. If you copy code from other
+ * Harbour Project or Free Software Foundation releases into a copy of
+ * Harbour, as the General Public License permits, the exception does
+ * not apply to the code that you add in this way. To avoid misleading
+ * anyone as to the status of such modified files, you must delete
+ * this exception notice from them.
+ *
+ * If you write modifications of your own for Harbour, it is your choice
+ * whether to permit this exception to apply to your modifications.
+ * If you do not wish that, delete this exception notice.
+ *
+ */
+
+#include "hbapi.h"
+#include "hbapiitm.h"
+
+HB_FUNC( HB_STRCLEAR )
+{
+ PHB_ITEM pBuffer = hb_param( 1, HB_IT_STRING );
+
+ /* NOTE: clear RETURN value before calling hb_itemGetWriteCL(),
+ it's possible that it contains copy of passed item [druzus] */
+ hb_retl( HB_FALSE );
+
+ if( pBuffer && HB_ISBYREF( 1 ) )
+ {
+ char * buffer;
+ HB_SIZE nSize;
+
+ if( hb_itemGetWriteCL( pBuffer, &buffer, &nSize ) )
+ {
+ memset( buffer, '\0', nSize + 1 );
+ hb_retl( HB_TRUE );
+ }
+ }
+}
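Review bot: `HB_FUNC( HB_STRCLEAR )` has no header comment, so the limits spelled out in the ChangeLog entry are not stated where callers of the function will read them. The body overwrites `nSize + 1` bytes in place and leaves the string length unchanged, and it returns `HB_TRUE` whenever `hb_itemGetWriteCL()` succeeds. If that call hands back a private buffer for a string that has other references (the in-code NOTE hints that copies can exist), the other holders keep the original bytes and the caller is still told the clear worked. I would add above the function: `/* Overwrites the by-reference string with NUL bytes, length unchanged. Clears this item's buffer only; other copies of the value are not touched. */`.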