Security threats Toolkit
Story: Microsoft IE patch leaves users locked out
Posted by: S. (Thursday 5 February 2004, 10:02 AM)
It's perfectly valid to pass username and password in a URL - eg over SSL, or within an otherwise secured network.
[schema]//[user]:[password]@[host]:[port]/[url-path]
is defined in RFC 1738.
The staggering thing *should* be that a major software vendor specifically denies its installed base access to accepted standard mechanisms as a workaround for its own inadequacies. But hey, what else is new.
Full Talkback thread
Story: Microsoft IE patch leaves users locked out
-
This isn't exactly news. Microsoft was advertisin... Anonymous -
A whole week? And that wasn't enough time to not o... Arthur B.
-
It's perfectly valid to pass username and password... S. -
Insert this in the registry and all user/passwords... Anonymous
-
With all the better browsers out there for the PC,... Melangell
-
With all the better browsers out there for the PC,... Melangell
-
Who will refund me for changing my identification... Carton
-
Classwork? Maybe you should go back to school, .ht... jerry ackeman
-
Well, once again, we have the dumbing down of feat... Anonymous
-
This recent gift from Microsoft has screwed up all... Anonymous
-
So what non-US foreign globalized employee in what... Anonymous
-
Is there a way, say in php to automatically authen... Anonymous
-
Hello,
Does anyone here have an alternative solut... Anonymous
-
I must be a "criminal" because each time I try to... Frustrated Microsoft
-
if you dont like windows, install linux, prat... Anonymous
