[imp] Windows XP caches login credentials.

Alain Williams addw@phcomp.co.uk
Mon, 15 Jul 2002 23:52:33 +0100

Previous message: [imp] Windows XP caches login credentials.
Next message: [imp] Windows XP caches login credentials.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jul 15, 2002 at 06:46:12PM -0400, Joe Kellner wrote:
> >From the apache docs:
> 
> How do I log out?
> Since browsers first started implementing basic authentication, website
> administrators have wanted to know how to let the user log out. Since the
> browser caches the username and password with the authentication realm, as
> described earlier in this tutorial, this is not a function of the server
> configuration, but is a question of getting the browser to forget the
> credential information, so that the next time the resource is requested, the
> username and password must be supplied again. There are numerous situations
> in which this is desirable, such as when using a browser in a public
> location, and not wishing to leave the browser logged in, so that the next
> person can get into your bank account.
> 
> However, although this is perhaps the most frequently asked question about
> basic authentication, thus far none of the major browser manufacturers have
> seen this as being a desirable feature to put into their products.
> 
> Consequently, the answer to this question is, you can't. Sorry.

Ease of use & 'functionality' wins over security every time.

Why do you think that M$ is so popular ?

-- 
Alain Williams

#include <std_disclaimer.h>

Previous message: [imp] Windows XP caches login credentials.
Next message: [imp] Windows XP caches login credentials.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]