Solved

Pass Username and Password

Posted on 2013-11-06
8
396 Views
Last Modified: 2013-11-13
I have a website that requires Username and Password to log in. Is it possible that I pass the username and password as arguments in the URL so that users are not asked for credentials?
0
Comment
Question by:ramziabk
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 7

Assisted Solution

by:aamodt
aamodt earned 100 total points
ID: 39627197
You need to use GET insted of POSTS on the login form.
But not recommendend since all get passed in clear text.

But it always will when you not using SSL.

http://example.com/login.php?user=test&pass=1234
0
 
LVL 52

Assisted Solution

by:Scott Fell, EE MVE
Scott Fell,  EE MVE earned 200 total points
ID: 39627219
Short answer is yes.

Your question sounds like you are trying to work around your system.  I find workarounds are short term solutions leading to long term problems.    If you don't want a username and password, then change your serverside coding.   You could also set the credentials for being "logged in" to a cookie or session and either can expire in x minutes, hours, days...never.

I would suggest working on a better and more secure solution than adding a password to the url which is a security risk.
0
 
LVL 42

Assisted Solution

by:Chris Stanyon
Chris Stanyon earned 200 total points
ID: 39627346
What security model are you using on the website (htaccess, CAPTCHA device etc.)- that will dictate how you can login. It may not be possible to just pass in a URL, and as has already been said - it's certainly not recommended!
0
 
LVL 1

Author Comment

by:ramziabk
ID: 39627624
Thanks for the information. However, There are no security threat here. It simply client access to a camera live streaming . No need to use authentication.
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 1

Author Comment

by:ramziabk
ID: 39627629
Plus note that there is a popup for the link.

This is my link below:

http://blomlive.dyndns.org:1130/

I tried adding user=test&pass=1234 but it didn't work.

Thanks
0
 
LVL 52

Assisted Solution

by:Scott Fell, EE MVE
Scott Fell,  EE MVE earned 200 total points
ID: 39627702
It would actually have been http://test:1234@blomlive.dyndns.org:1130/ I don't believe you can use that in urls anymore.   Since you don't care about security, just remove the password protection from the virtual folder you are accessing.
0
 
LVL 42

Accepted Solution

by:
Chris Stanyon earned 200 total points
ID: 39627745
I can't even login manually with those details. You are using htaccess to protect the folder so padas is correct. You would login like this:

http://test:1234@blomlive.dyndns.org:1130/

if there's no need to use authentication then why use it?
0
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 39644883
ramziabk:

By grading the answers here a C, you are saying the answer is incomplete.  In order to award this grade, you should explain the reasoning and give us a chance to better help you.  Also know that sometimes the answer is there is no answer or it is an answer you may not like.

http://support.experts-exchange.com/customer/portal/articles/481419-what-grade-should-i-award-?b_id=44
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Introduction Knockoutjs (Knockout) is a JavaScript framework (Model View ViewModel or MVVM framework).   The main ideology behind Knockout is to control from JavaScript how a page looks whilst creating an engaging user experience in the least …
SASS allows you to treat your CSS code in a more OOP way. Let's have a look on how you can structure your code in order for it to be easily maintained and reused.
Viewers will learn about the regular for loop in Java and how to use it. Definition: Break the for loop down into 3 parts: Syntax when using for loops: Example using a for loop:
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now