I don't understand why this isn't already implemented. It seems essential to me and basic security best practices.