Revision as of 18:31, 8 April 2005 edit Lee J Haywood (talk \| contribs) 1,797 edits m User name link ← Previous edit		Revision as of 18:33, 8 April 2005 edit undo Lee J Haywood (talk \| contribs) 1,797 edits m a HTTP -> an HTTP Next edit →
Line 1: In the context of aan [[HTTP]] transaction, the '''basic authentication scheme''' is a method designed to allow a [[web browser]], or other client program, to provide credentials – in the form of a [[user name]] and [[password]] – when making a request. Although the scheme is easily implemented, it relies on the assumption that the connection between the client and server computers is secure and can be trusted. Specifically, the credentials are passed as plain text and could be intercepted easily. The scheme also provides no protection for the information passed back from the server. To prevent the user name and password being read directly, they are encoded as a sequence of [[Base64\|base-64]] characters before transmission. A later mechanism, [[digest access authentication]], was developed in order to replace the basic authentication scheme and enable credentials to be passed in a relatively secure manner over an otherwise insecure channel.

Basic access authentication: Difference between revisions