ok, with bare-bone ff. any suggestion about a minimal features, not bloated, addon ? – Massimo – 2018-03-14T16:28:03.733

1No. Any plugin-based features will have the same drawback: They'll work within the user's context, and any information they have will be information the user can retrieve. Your two requirements: Unable to change the server and unable to share the credentials, are at odds with each other and cannot both be satisfied. Either you create a user account with limited-enough permissions that sharing it is not a threat, or you use alternative authentication or access validation methods on the server itself. Perhaps a security certificate issued to each client. – music2myear – 2018-03-14T16:36:26.703

we cannot change the server and login behaviour. the plugin can allow to programmatically pre-load the credentials (example from file), but don't show them to the users. for us a similar solution is fine, we aren't fighting hackers. – Massimo – 2018-03-14T17:38:38.853

You do not appear to understand two things: 1, If you assume you're not fighting hackers, you're assuming wrong, and you shouldn't be allowed anywhere near a system with an administrator role, and 2, there is no way to pass credentials through a browser that does not make them available in some way to the user of the browser. Given the limits you have given us, there is no way to do this without making it possible for the users to get the credentials if they so desire. – music2myear – 2018-03-14T20:33:31.227