Authentication Protocols

WanderWare offers client browsers the choice of either Basic Authentication(RFC 2617) or Digest Authentication with MD5 hashes(RFC 2617) as a login mechanism. Digest authentication is recommended as being more secure than Basic authentication.

Basic Authentication passes the user name and password encoded in a BASE64(RFC 2045) encoded string. Since the encoding scheme is well known and involves no secrets it is considered trivial to decode.

Digest Authentication passes the result of a 128 bit MD5 cryptographic hash on a computed secret result as the authentication information. Reversing the MD5 hash to obtain the secret is considered to be infeasible. Under this method, confirmation of the information is done by computing the hash at the server and comparing it with the result from the browser. At no time is the password transmitted over the network.


Secure Password Storage
Browser Cookie Independence
table of contents
full printable document





password protection ...
... industrial strength
distributed password protection
iis basic authentication
iis digest authentication

copyright(c) 2003
all rights reserved

design -