Copy link to clipboard
The webservice login mechanism requires HTTP authentication headers with
credentials (HTTP Basic Authentication, RFC 2617). These headers are
encoded using a reversible algorithm which means that anybody along the
way can sniff my authentication headers and read my username and
password from them.
Could SSL be enabled for the forums so we can safely transfer credentials?
Have something to add?