|
|
BugTraq
MS to stop allowing passwords in URLs Jan 28 2004 10:54PM McAllister, Andrew (McAllisterA umsystem edu) (10 replies) Re: MS to stop allowing passwords in URLs Feb 03 2004 10:12PM Nick FitzGerald (nick virus-l demon co uk) RE: MS to stop allowing passwords in URLs Feb 03 2004 02:26PM Andrew Harwood (aaharwood_maillist bigpond com) Re: MS to stop allowing passwords in URLs Feb 03 2004 10:32AM Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) Re: MS to stop allowing passwords in URLs Feb 03 2004 04:01AM Dave Warren (dave warren devilsplayground net) (3 replies) Re: MS to stop allowing passwords in URLs Feb 06 2004 04:01AM Nick FitzGerald (nick virus-l demon co uk) Re: MS to stop allowing passwords in URLs Feb 03 2004 06:09PM David B Harris (dbharris eelf ddts net) RE: MS to stop allowing passwords in URLs Feb 03 2004 01:58AM Fergus Brooks (fergusb evolve-online com) (1 replies) |
|
Privacy Statement |
>>> uses of this syntax and Microsoft removing it
>>> from their browser? (and presumably the OS since
>>> the browser IS the OS).
It always was a bad idea to put plaintext passwords in URLs because it
encouraged users to give away passwords in links on public Web pages. The
spoofing games were the second big problem with them that showed up later.
Glad to see Microsoft getting rid of the feature.
Richard
[ reply ]