Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I noticed a few big sites use HTTP authentication.
Im wondering what the main difference is between this and session based logins are.
Any advantages or disadvantages.
Any explanation and or suggestions would be helpful as i’m trying to decide which login to use for my site.
thanks
The biggest disadvantage of HTTP Authentication, from a user’s point of view, is probably the fact that you get an ugly looking dialog box, and not a nice form integrated into your website.
You also cannot include any link to a “register” form, or some help, nor some “I’ve forgotten my password” information.
For some kind of back office, maybe http authentication is OK ; but I have some doubts about its usage for some public front office.
Another inconvenient is that there is no “auto-logout” functionnality, with HTTP Authentication : with sessions, the session expires after some time, or the cookie is automatically deleted when the user closes his browser… But not with HTTP Authentication ; so, on this point, HTTP Authentication seems less secure.