Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What is base64 clear text username and password?

Recently I came across this word in a basic authentication article. What it meant by base64 clear text usrname and password on the network?

Thanks

like image 717
pointlesspolitics Avatar asked Sep 06 '09 16:09

pointlesspolitics


2 Answers

In HTTP Basic authentication, the "password:username" is encoded in Base64. Since it's not encrypted, it's cleartext.

Here is a sample Authorization header,

Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=

Where dXNlcm5hbWU6cGFzc3dvcmQ= is Base64-encoded "username:password" (literally).

like image 77
ZZ Coder Avatar answered Sep 20 '22 13:09

ZZ Coder


It means encoding the username and password using base 64. The result won't look too much like your username and password but it's pretty easy to reverse the operation to get the plain text.

See here for details on base 64 encoding

http://en.wikipedia.org/wiki/Base64

For example the string password encoded in base 64 is cGFzc3dvcmQ=

This online tool can encode/decode base 64 for you http://www.motobit.com/util/base64-decoder-encoder.asp

like image 26
pjp Avatar answered Sep 18 '22 13:09

pjp