[whatwg] connecting usernames and passwords

Ian Hickson ian at hixie.ch
Thu Dec 16 18:33:10 PST 2004

On Fri, 17 Dec 2004, Matthew Thomas wrote:
> But UAs already have to provide their own UI for HTTP authentication. 
> Adding the ability to do such authentication with forms would make the 
> user experience less consistent, because the interface on each site 
> would be different.
> Perhaps a more consistent, and more backward-compatible, approach would 
> be to fill those gaps in HTTP authentication that currently cause site 
> designers to use other schemes (such as a destination URI for an 
> optional "I Forgot My Password" button).

The thing missing from HTTP auth is that you can go to a site (without 
authenticating), then when you want to, enter your name and password, and 
show the same page, with customised information, and later return to that 
same URI, and be already logged in.

Basically, have everything work without a separate login step that is 
outside the page (and not under the control of the author).

Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

More information about the whatwg mailing list