Content deleted Content added
Fixed typo Tags: Reverted Mobile edit Mobile web edit |
m Open access bot: url-access updated in citation with #oabot. |
||
| (8 intermediate revisions by 7 users not shown) | |||
Line 5:
Technically, digest authentication is an application of [[cryptographic hash]]ing with usage of [[cryptographic nonce|nonce]] values to prevent [[replay attack]]s. It uses the [[Hypertext Transfer Protocol|HTTP]] protocol.
DIGEST-
== Overview ==
Line 131:
| first7 = L.
| s2cid = 27137261
| url-access = subscription
}}</ref>
* Digest access authentication prevents the use of a strong password hash (such as [[bcrypt]]) when storing passwords (since either the password, or the digested username, realm and password must be recoverable)
Line 325 ⟶ 326:
== Deprecations ==
Because of the disadvantages of Digest authentication compared to Basic authentication over HTTPS it has been deprecated by a lot of software e.g.:
* Bitbucket<ref>{{Cite web |last=DeLorenzo |first=Ike |date=2015-04-03 |title=Fare-thee-well, Digest access authentication |url=https://bitbucket.org/blog/fare-thee-well-digest-access-authentication |access-date=2025-01-21 |website=Bitbucet |archive-url=https://web.archive.org/web/20240423145906/https://bitbucket.org/blog/fare-thee-well-digest-access-authentication |archive-date=2024-04-23}}</ref>
* Symfony PHP framework<ref>{{Cite web |title=[RFC] Deprecate HTTP Digest authentication · Issue #24325 · symfony/symfony |url=https://github.com/symfony/symfony/issues/24325 |access-date=2025-01-21 |archive-url=https://web.archive.org/web/20231012074234/https://github.com/symfony/symfony/issues/24325 |archive-date=2023-10-12 |website=GitHub |language=en}}</ref>
== See also ==
| |||