* Boyle Owen <[EMAIL PROTECTED]> [0523 12:23]:
> > -----Original Message-----
> > From: K Anand [mailto:[EMAIL PROTECTED]
> > Sent: Donnerstag, 12. Mai 2005 10:46
> > To: users@httpd.apache.org
> > Subject: Re: [EMAIL PROTECTED] Basic Authentication question
> >
> >
> > Thanx...I used ethereal to see the flow of data between browser and
> > server...one point though...I was able to see my password in
> > clear text in
> > ethereal. So it is possible that it could be open to the public ??
>
> Of course. What made you think it might be secure?
>
> If you want to hide the PW, you have to use HTTPS. However, be aware that
> Basic authentication is not very secure anyway (see
> http://httpd.apache.org/docs/howto/auth.html#basiccaveat)
You make it sound as though it's still a problem over SSL - is that what you
mean?
--
'My life, and by extension everyone else's, is meaningless.'
-- Bender
Rasputin :: Jack of All Trades - Master of Nuns
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
