Software Bashing » authentication http://softwarebashing.org/blog We hate software. With a passion. Sun, 11 Apr 2010 21:04:37 +0000 en hourly 1 http://wordpress.org/?v=3.2.1 Password trap http://softwarebashing.org/blog/2009/09/password-trap/ http://softwarebashing.org/blog/2009/09/password-trap/#comments Wed, 09 Sep 2009 08:18:35 +0000 jubbink http://softwarebashing.org/blog/?p=199 When it comes to browsers a lot has changed over the past few years. One of the great things that all major browsers now support is opening browser windows within the browser window. They call this feature 'tabs' (probably because somebody thought that a computer should work the same like this 1960's file cabinet at your local city hall). Personally I love tabs, it prevents my taskbar from becoming overly cluttered with open browser windows since I tend to have anywhere between 2 and 8 active tabs.

So this one day you run into a great site and you feel like registering there. So you register and open up your 21st century mail-client which of course works in your 21st century browser and you open the mail. You find the link where you can log in. You are prompted with a HTTP authentication dialog.

firefox_htauth_smaller

"Ah, username and password" you think.. "in my mail, let me just.. hey WTF!?". That's a pity isn't it? There is absolutely no way you can do anything with your browser before you do something about that dialog. And the nice thing about HTTP authentication is that it asks up to 3 times for you to log in, even if you press 'Cancel'. Because who knows, perhaps you didn't want to press 'Cancel'.

Why can't i just interact with my browser when this thing pops up? Now for this particular case I had an easy username, but what if my username was not that easy and I would want to copy/paste both my username and password? I'd have to open my mail in a different browser window or copy/paste it to my favorite text editor. Thank you 21st century tabs!

]]> http://softwarebashing.org/blog/2009/09/password-trap/feed/ 0