let the user authenticate privately instead of sending userid and password to you in cleartext
There are a few options you can use:
You may want to send us the HTML over HTTP POST instead of sending us a URL to visit. Or you may send us a cookie jar file that allows us to visit your private page. You can also discuss custom options with us of course.
Please have a look at the new API that has a section on accessing secure pages: http://PDFmyURL.com/html-to-pdf-api