On Tue, 14 Jun 2005, kido wrote:
I am using basic scheme to authenticate users. Is this method vulnerable to sniffers?
Yes.
if so, is there another scheme which can protect privacy (encryption...)?
Yes, digest or NTLM. digest is standard, but hard to integrate with authentication backends. NTLM is Microsoft NT domain masqueraded over HTTP.
what does "digest" scheme mean?
RFC2617 chapter 3 Digest Access Authentication Scheme Regards Henrik