Credentials are sent in headers, and http-auth supports a bunch of schemes other... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

yamtaddle on Feb 11, 2023 | parent | context | favorite | on: Ask HN: Can Browsers Have a Universal Hotkey for W...

Credentials are sent in headers, and http-auth supports a bunch of schemes other than basic. Browsers have (shitty) UI for taking the username and pass, you don't have to put it in the address bar (and that's been discouraged for years and years). There's no reason whatsoever the feature couldn't have been improved and promoted over the years such that there would rarely be a reason to use anything else. The Web's failure here has been a remarkably expensive misstep for the software economy.

qbasic_forever on Feb 11, 2023 [–]

There's no concept of forgot my password or ID with browser auth. People tried using it years and years ago and it just never evolved into something usable by the general public.

yamtaddle on Feb 11, 2023 | [–]

Yes, it definitely should have been maintained and improved over the years.

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact