diff -Naur busybox.orig/util-linux/mount.c busybox/util-linux/mount.c
--- busybox.orig/util-linux/mount.c	2010-05-25 20:48:33.000000000 +0400
+++ busybox/util-linux/mount.c	2010-05-27 22:20:44.102990370 +0400
@@ -1678,6 +1678,36 @@
 		// "-o mand" is required [why?]
 		vfsflags |= MS_MANDLOCK;
 		mp->mnt_type = (char*)"cifs";
+{
+		// Fetch username/password, if any
+		char *s = mp->mnt_fsname;
+		char *at = strrchr(s, '@');
+		if (at != NULL) {
+			char *pwd;
+			// let us recombine URL in-place: //user:pass@share -> user:pass@//share
+			// step 1: //user:pass@share -> user:pass@s@share
+			// N.B. at >= s+2, due to check on '//' or '\\\\'
+			memmove(s, s + 2, at - s - 2);
+			// step 2: user:pass@s@share -> user:pass\0//share
+			*at-- = '/'; *at-- = '/'; *at++ = '\0';
+			// if password is not supplied -> ask it interactively
+			pwd = strchr(s, ':');
+			if (pwd) {
+				*pwd++ = '\0';
+			} else {
+				if (isatty(STDIN_FILENO))
+					pwd = xstrdup(bb_ask(STDIN_FILENO, /* timeout: */ 0, "Password: "));
+				else
+					pwd = xmalloc_reads(STDIN_FILENO, /* pfx: */ NULL, /* maxsize: */ NULL);
+			}
+			// append -o user=USER,pass=PASS options
+			parse_mount_options(xasprintf("user=%s,pass=%s", s, pwd), &filteropts);
+			//bb_info_msg("U[%s] P[%s] S[%s]", s, pwd, at);
+			// point to clean URL
+			mp->mnt_fsname = at;
+			memset(s, 0, at - s); // wipe security tokens
+		}
+}
 		rc = mount_it_now(mp, vfsflags, filteropts);
 
 		goto report_error;