[EvanAnderson]

The main criticism relates to eavesdropping. Wrapping Basic or Digest authentication in TLS eliminates that issue.

[xorbyte]

The article makes no mention of TLS anywhere, and the example endpoints are all HTTP. So, this is a thoroughly insecure implementation, relying on very weak security mechanisms, prone to straightforward interception and tampering, replay etc.