Just a heads up, it seems the latest security patch for IE disables the ability to place username and passwords in a URL ie username:password@example.com
Can't see that it's really a big enough of a security issue to disable it by default personally, not like every other browser out there doesn't let you do it as well.
this patch is Microsoft's fix for "phishing". It is a pretty serious security issue for people who don't know better, disabling this fix is not recommended.
It's a "fix" for phishing yes, but imo instead of addressing the actual root cause they've just patched around it by disabling username@password which I think is a perfectly "secure" function to have in a browser. Not the users fault IE has other weaknesses which allow the feature to be abused.
Topic Locked
Posted - 04 February 2004 : 22:33:40
