What's a 'normal' web site? I think 'publicly accessible' is better here.
Note about base-64 encoding wrongly used as a security measure
Line 1:
In the context of an [[HTTP]] transaction, the '''basic access authentication''' is a method designed to allow a [[web browser]], or other client program, to provide credentials – in the form of a [[user name]] and [[password]] – when making a request. Although the scheme is easily implemented, it relies on the assumption that the connection between the client and server computers is secure and can be trusted. Specifically, the credentials are passed as [[plaintext]] and could be intercepted easily. The scheme also provides no protection for the information passed back from the server.
Wrongly, people believe that this base-64 encoding is done because of security, to prevent it to be read directly by a person. This is only [[Security_through_obscurity|security through obscurity]] because it can be easily decoded, so it represents no security at all. Encoding is done, indeed, to avoid breaking the [[HTTP]] protocol data [[MIME|encoding]] because of bizarre (and [[Password_strength|more secure]]) passwords containing special HTTP characters, such as newlines.
One advantage of the basic access authentication is that it is supported by almost all popular web browsers. It is rarely used on publicly accessible [[Internet]] [[Website|web sites]] but may sometimes be used by small, private systems. A later mechanism, [[digest access authentication]], was developed in order to replace the basic access authentication and enable credentials to be passed in a relatively secure manner over an otherwise insecure channel.
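Review bot: The added second paragraph opens with "this base-64 encoding", but nothing before it says the credentials are base-64 encoded; the lead paragraph only says they are passed as plaintext, so the reference has no antecedent and the two paragraphs appear to disagree. Suggest first stating that the user name and password are base-64 encoded before being sent, then noting that the encoding can be easily decoded and so provides no confidentiality. "Wrongly, people believe" and "bizarre" read as editorial opinion and would be better as a neutral, sourced statement, and "to prevent it to be read" should be "to prevent it from being read".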