A sample auto-submission form, to be generated in a temporary html code:
As you may have noticed, the plain-text password is set in the form, so it might be more secure to leave the value blank, and try and set the value via ajax, or some dynamic option, and/or specify that this page must not be cached by the browser, so it cannot be retrieved from disk later on.
A better option would be to pre-set a short-term use Login Key, just for this client's IP address. It would expire after a certain amount of time, and only allow this client's IP to login with it. Much more secure.
Use the created Login Key for the password, along with this account's usual username (not the login key name)