From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: Fri, 15 Aug 2003 13:32:36 +1000
If someone else can get access to the machine, and look at the user's
history (or just look over the user's shoulder!), then they get the
username/password in the clear.
"GI" <Jo@ezf.com> wrote in message
: Hi all,
: I would like to know wether there might be a security
: problem while sending this kind of request :
: http://Login:Password@WebsiteAdress.com for a secured web
: site with IIS (Network password).
: As I would like to allow my users to connect
: straightfully, is there any way to be hacked and somebody
: finds this http address.
: Does the problem still exist if we use https with SSL ?
: Thanks for your help.