Revision as of 09:26, 10 January 2005 edit Niqueco (talk \| contribs) 191 edits Added link to "digest access authentication" ← Previous edit		Revision as of 20:02, 11 January 2005 edit undo Lee J Haywood (talk \| contribs) 1,797 edits m Removed duplicate link, reworded sentence, unsecure -> insecure Next edit →
Line 1: In the context of a [[HTTP]] transaction, the '''basic authentication scheme''' is a method designed to allow a [[web browser]], or other client program, to provide credentials – in the form of a user name and [[password]] – when making a request. Although the scheme is easily implemented, it relies on the assumption that the connection between the client and server computers is secure and can be trusted. Specifically, the credentials are passed as plain text and could be intercepted easily. The scheme also provides no protection for the information passed back from the server. To prevent the user name and password being read directly, they are encoded as a sequence of [[Base64\|base-64]] characters before transmission. A ~~new~~later ~~authentication~~mechanism, ~~scheme~~[[digest access authentication]], was developed in order to replace the basic authentication scheme. ~~It's~~and ~~called~~enable ~~[[digest~~credentials ~~access~~to ~~authentication]] and~~be ~~enables~~passed ~~secure credential passing~~securely over an ~~unsecure~~otherwise insecure channel. One advantage of the basic authentication scheme is that it is supported by most clients. It is rarely used on normal [[Internet]] [[Website\|web sites]] but is suitable for small, private systems. Line 69: (followed by a blank line and HTML text comprising of the restricted page). ~~=== See Also ===~~ * [[Digest access authentication]].

Basic access authentication: Difference between revisions