Can a username and password be sent safely over HTTPS via URL parameters?

Question

A colleague and I had a heated debate yesterday whether it is safe to send login credentials via URL parameters as a means of authentication. He correctly pointed out that

Answer 1

As far as the transmission of the credentials are concerned, he is right. But there are many other things to consider, like brwser history, server logfiles, users watching the screen etc. which would be a risk in that case.