Basic Authentication: A Modest Proposal

• Part of HTTP 1.0 Spec

• Access Control based on Username/password

• Management required:

Files on server contain lists of

users/passwords

groups of users

Passwords stored in encrypted form

What does it look like?

(login as "fnerg" with password "yagga-yagga")