Ryan A wrote:
Quick question, one of our sites already uses BASIC_AUTH to take the username
and pass from clients, we were thinking of instead doing it via a login form
(so we can also add a CAPTCHA later...if needed)
what I would like to know is, by using a login form instead of a BASIC_AUTH are we
comprimising security in any way (for example if someone is using a "sniffer")
or does BASIC_AUTH have some kind of extra inbuilt security that forms dont have that I
am not aware of?
Basic authentication offers no more security than a form - the login
details are sent as plain text using both methods.
-Stut
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
