Basic access authentication: Difference between revisions

No edit summary
Line 14:
Although the scheme is easily implemented, it relies on the assumption that the connection between the client and server computers is secure and can be trusted. Specifically, the credentials are passed as [[plaintext]] and could be intercepted easily. The scheme also provides no protection for the information passed back from the server.
 
According to RFC 2616, Existing browsers retain authentication information indefinitely. HTTP. does not provide a method for a server to direct clients to discard these cached credentials. This is a significant defect that requires further extensions to HTTP.
 
== Example ==
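Review bot: the sentence beginning "According to RFC 2616, Existing browsers retain authentication information indefinitely. HTTP. does not provide ..." reads as text pasted from the RFC without quotation marks: "Existing" is capitalised mid-sentence and "HTTP." carries a stray period. Either mark the passage as a direct quotation, cite the RFC section, and check the wording against the RFC text, or paraphrase it in the article's own voice. The closing "This is a significant defect that requires further extensions to HTTP" also needs that attribution, since without quotation marks it reads as the article's own judgement. It would also help to tie the paragraph to the preceding one: the first says credentials "are passed as [[plaintext]]", and the second says clients cache them with no server-directed way to discard them, but the text never states how the two relate.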