In contrast, basic access authentication uses the easily reversible Base64 encoding instead of hashing, making it non-secure unless used in conjunction with TLS.
Technically, digest authentication is an application of cryptographic hashing with usage of nonce values to prevent replay attacks.
RFC 2069 specifies roughly a traditional digest authentication scheme with security maintained by a server-generated nonce value.
[7] The MD5 calculations used in HTTP digest authentication is intended to be "one way", meaning that it should be difficult to determine the original input when only the output is known.
If the password itself is too simple, however, then it may be possible to test all possible inputs and find a matching output (a brute-force attack) – perhaps aided by a dictionary or suitable look-up list, which for MD5 is readily available.
Although the cryptographic construction that is used is based on the MD5 hash function, collision attacks were in 2004 generally believed to not affect applications where the plaintext (i.e. password) is not known.
These weak cleartext protocols used together with HTTPS network encryption resolve many of the threats that digest access authentication is designed to prevent.
However, this use of HTTPS relies upon the end user to accurately validate that they are accessing the correct URL each time to prevent sending their password to an untrusted server, which results in phishing attacks.
Some strong authentication protocols for web-based applications that are occasionally used include: The following example was originally given in RFC 2617 and is expanded here to show the full text expected for each request and response.
If an expired value is used, the server should respond with the "401" status code and add stale=TRUE to the authentication header, indicating that the client should re-send with the new nonce provided, without prompting the user for another username and password.
The syntax of the htdigest command:[14] The format of the .htdigest file:[14] Session Initiation Protocol (SIP) uses basically the same digest authentication algorithm.
If the server requires that these optional features be handled, clients may not be able to authenticate (though note mod_auth_digest for Apache does not fully implement RFC 2617 either).