I read from an expert on another thread that Basic Authrtication will send the password directly to the server on the wire.
However, OAuth and SAML or Kerberos will use third party servers to verify pw's but not transmit the pw on the wire
My Question: How do the more complex security servers avoid transmitting a pw on the wire,
Did I read the post incorrectly? (Is the pw sent to the third party verification server, but not the http server ?