Y
Hacker News
new
|
ask
|
show
|
jobs
by
lazide
143 days ago
Not necessarily, the server can say it only supports basic auth and….
1 comments
gruez
143 days ago
I don't think there's any evidence that windows sends cleartext passwords. The whole reason why NTLM is a thing is to avoid sending cleartext passwords.
link
lazide
143 days ago
Outlook appears to be
link
p_ing
143 days ago
The 'https://' disagrees with your 'sending clear text passwords' statement.
link
lazide
143 days ago
It’s clear text to the receiving server, which is what we’re talking about, not one way hashed.
link