Hacker News new | past | comments | ask | show | jobs | submit login

My big problem with HTTP basic auth in 2022 (squints at Netgear router) is that in Edge/Chrome 1Password can’t auto complete it. It gets really annoying really quickly.



Bitwarden has 0 issues 'autofilling' basic auth. It just passes the login credentials on connection and you never see a basic auth prompt.


That's actually a gripe I have with Bitwarden, because you can't turn that feature off. If an attacker can take over a single endpoint, Bitwarden will happily send your credentials to an iframe from a malvertiser without ever telling you.

It's a fine feature and the WebExtension API won't let them solve basic auth in any other way, but it's a security risk in my opinion. I'd much rather see browsers provide an API to HTTP Basic auth prompts instead so the user can select an identity from the list if they've got a saved username/password combo that matches a given set of requirements.


It only supports a single user/pass pair for each site. There are many cases where you would want to use multiple identifies and switch between them.


Yes, this is one of my major grapes. I’m using LastPass though. The comment below about bitwarden is interesting and I will have to give that a try.


100% this! At least Firefox with 1password seems to handle it okay.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: