AnsweredAssumed Answered

Credentials for WD passed in URL? Not secure?

Question asked by bigtom on Jul 29, 2018
Latest reply on Aug 2, 2018 by pragmatica

I had a situation where credentials for WD login are passed as parameters to FMS in the URL.

 

https://fms.myserver.com/fmi/webd/filename?username=aaaaa&password=xxxxx

 

Why is this happening and how is this secure?

 

User started to type the URL and the entry with the login credentials showed up in the browser address bar. Anyone who sits at that computer and starts to type the URL will have access to someone else login.

Outcomes