I have a quick question about the IIS basic authentication.
We need part of our web site which is restricted to registered users. The way in which we are going to authenticate users is through IIS basic authentication whereby it will connect to a database to check for a username and password that is entered into the dialog box that appears when you try to access a restricted folder on the IIS server.
However what i would like to do is ask how secure is this authentication ?
For example when the user enters their username and password into the dialog box and is passed to the server it is possible to intercept right ? Would it make it more secure if we used SSL combined with this to ensure that the username and password cannot be intercepted ?
Therefore if i used SSL and IIS basic authentication to allow users who appear in the database to view certain pages will this be secure to ensure there is no unauthorised access and it is relatively secure for this purpose.
Any comments and information that you think would be useful to know please do post them ! :)
Thanks in advance.