Solved

Pass Username and Password

Posted on 2013-11-06
8
402 Views
Last Modified: 2013-11-13
I have a website that requires Username and Password to log in. Is it possible that I pass the username and password as arguments in the URL so that users are not asked for credentials?
0
Comment
Question by:ramziabk
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 7

Assisted Solution

by:aamodt
aamodt earned 100 total points
ID: 39627197
You need to use GET insted of POSTS on the login form.
But not recommendend since all get passed in clear text.

But it always will when you not using SSL.

http://example.com/login.php?user=test&pass=1234
0
 
LVL 52

Assisted Solution

by:Scott Fell, EE MVE
Scott Fell,  EE MVE earned 200 total points
ID: 39627219
Short answer is yes.

Your question sounds like you are trying to work around your system.  I find workarounds are short term solutions leading to long term problems.    If you don't want a username and password, then change your serverside coding.   You could also set the credentials for being "logged in" to a cookie or session and either can expire in x minutes, hours, days...never.

I would suggest working on a better and more secure solution than adding a password to the url which is a security risk.
0
 
LVL 43

Assisted Solution

by:Chris Stanyon
Chris Stanyon earned 200 total points
ID: 39627346
What security model are you using on the website (htaccess, CAPTCHA device etc.)- that will dictate how you can login. It may not be possible to just pass in a URL, and as has already been said - it's certainly not recommended!
0
 
LVL 1

Author Comment

by:ramziabk
ID: 39627624
Thanks for the information. However, There are no security threat here. It simply client access to a camera live streaming . No need to use authentication.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 1

Author Comment

by:ramziabk
ID: 39627629
Plus note that there is a popup for the link.

This is my link below:

http://blomlive.dyndns.org:1130/

I tried adding user=test&pass=1234 but it didn't work.

Thanks
0
 
LVL 52

Assisted Solution

by:Scott Fell, EE MVE
Scott Fell,  EE MVE earned 200 total points
ID: 39627702
It would actually have been http://test:1234@blomlive.dyndns.org:1130/ I don't believe you can use that in urls anymore.   Since you don't care about security, just remove the password protection from the virtual folder you are accessing.
0
 
LVL 43

Accepted Solution

by:
Chris Stanyon earned 200 total points
ID: 39627745
I can't even login manually with those details. You are using htaccess to protect the folder so padas is correct. You would login like this:

http://test:1234@blomlive.dyndns.org:1130/

if there's no need to use authentication then why use it?
0
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 39644883
ramziabk:

By grading the answers here a C, you are saying the answer is incomplete.  In order to award this grade, you should explain the reasoning and give us a chance to better help you.  Also know that sometimes the answer is there is no answer or it is an answer you may not like.

http://support.experts-exchange.com/customer/portal/articles/481419-what-grade-should-i-award-?b_id=44
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Preface This article introduces an authentication and authorization system for a website.  It is understood by the author and the project contributors that there is no such thing as a "one size fits all" system.  That being said, there is a certa…
Browsers only know CSS so your awesome SASS code needs to be translated into normal CSS. Here I'll try to explain what you should aim for in order to take full advantage of SASS.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now