basic authentication without a secure connection

BlackWidow scans websites (it's a site ripper). It can download an entire website, or download portions of a site.
Post Reply
coldspice
Posts: 1
Joined: Mon Jul 23, 2012 6:21 pm

basic authentication without a secure connection

Post by coldspice » Mon Jul 23, 2012 7:21 pm

I'm running a new computer with windows 7 and trying to come up to speed on Blackwidow 6.
The Regular browser I use is Firefox. On some sites I get back a error message with Blackwidow (which seems to be indicating it is using explorer) on entering user name and password.
Firefox works and enters those sites no problem.

Error message box is headed Windows Security

"Warning: This server is requesting that your username and password be sent in an insecure manner (basic authentication without a secure connection)"

Is there a setting I should change in windows 7 , or explorer or blackwidow?
(I'm also running some Avira anti virus software)
Do you have any comment on any Risks or adverse outcomes by sending basic authentication without a secure connection?
Thanks

User avatar
Support
Site Admin
Posts: 1821
Joined: Sun Oct 02, 2011 10:49 am

Re: basic authentication without a secure connection

Post by Support » Mon Jul 23, 2012 7:36 pm

BW uses IE, so it's best if you first make sure the latest one is installed. Your Firefox have stored the login, and doesn't care if it's secure or not. IE will warn you of this. If you go to the site as https as oppose to http, if the site provide it, you will not get an error about it. In IE, when it ask for a login, you can then tell it to remember it so it won't ask again.

I you run IE, you can go to the tools menu and set all the options you want to have, security, java, activeX and all. Or from the Controll Panel / Internet Options.
Your support team.
http://SoftByteLabs.com

User avatar
Support
Site Admin
Posts: 1821
Joined: Sun Oct 02, 2011 10:49 am

Re: basic authentication without a secure connection

Post by Support » Mon Jul 23, 2012 7:39 pm

coldspice wrote:Do you have any comment on any Risks or adverse outcomes by sending basic authentication without a secure connection?
It means that anyone looking at your connection packet (your service provider and any networks in between you and the server) can see your login, and use it. But, it's not something that happens often. They have to site down and watch averythin you do. But again, they may run a bot that will gather the login on it's own. I would not do this on an http site, I would try it on the https instead.
Your support team.
http://SoftByteLabs.com

Post Reply