Your question isn't entirely clear, but if you mean the CGI application is password protected and you want the user/pass of whomever logged into that, then:-

If it's protected with htaccess...

CGI.pm's remote_user method will give you the username.

There's no equivalent method for passwords because most sane web servers purposely remove that information prior to running your script.

The only way to fix that would be to reconfigure your server, which may entail changing source code and recompiling the web server.

You should then be able to see the password somewhere in the %ENV hash. (If your web server ISN'T sane, you may already be able to find the password there.)

If it's protected via code in the CGI itself (eg, parsing a login form)...

Again, using CGI.pm, you can access the contents of a submitted form using the param method, so if you had fields named 'username' and 'password' in your login form, you'd access them with $q->param('username') and $q->param('password') respectively (assuming your CGI object was in $q).

If neither of these address your problem, then I refer you to idsfa's post above so that we can more fully understand your question.