userid and password in url

[cbo]

I have an instance where we imbed the username and
password in the url like below

http://username:password@server/resource.ext

this worked in IE6.0.2600.
for a customer who is using IE6.0.2800, when you add the
URL to a favorite it cleans off the userid and password
(actually in the addressbar when you paste it). I figure
this is some kind of security benefit. Is there a way to
disable it?

If you wouldn't mind emailing me the answer that would be
great, not sure I can find this board again.

thanks,
cbo
(e-mail address removed)

 

[Guest]

Have you tryed publishing a certificate in the internet
tools?

 

[Levent Besik [MS]]

Hi,

Unfortunately this is by design. I believe this functionality was removed in
SP1, since it allowed saving your passwords in clear text in your favorites,
which is a security risk. What you may want to do instead is whenever the
login box comes up, check the box that says "save this password". Now
everytime you try to login to the same site, your password will
automatically be filled in on the login dialog.

--
Thanks,
-Levent
Windows Client Platform Team

This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm