Authentication Mechanisms – How Secure are They?

Hello everyone! Recently, I’ve been reading about the Digest Authentication mechanism (RFC 2617) after the Account Password Policy section of the Windows Local Computer and Group Policy Object (GPO) editors piqued my interest. RFC 2617 describes two primary authentication methods: Basic and Digest.

Basic Authentication

Basic is as simple as it is insecure. Basic transfers the specified username and password in PLAINTEXT unless, of course, surrounded by a layer of encryption such as SSL/TLS. Which I’d STRONGLY recommend you…
