[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: what data transmission with tor is a security risk ?



On 8/18/06, Arichy <arichy@xxxxxxxxxxxxxx> wrote:
[...]
I think with .htaccess authentication the passwort is transmitted
encrypted? But if the Password is weak, the sniffer can easily do an
brute force attack at home...

It depends on the authentication scheme used--Basic authentication just sends the username and password encoded in base64, and is basically as bad as plaintext auth. If the server uses digest authentitication, however, you're correct.

-Brendan