No More URL Authentication for IE

By Deane Barker on February 5, 2004

Cumulative Security Update for Internet Explorer (832894): Tell me, why is this a good idea? Hasn’t this been a standard for a lo-o-o-ong time now?

The update removes support for handling user names and passwords in HTTP and HTTP with Secure Sockets Layer (SSL) or HTTPS URLs in Microsoft Internet Explorer. The following URL syntax is no longer supported in Internet Explorer or Windows Explorer after you install this software update: http(s)://username:password@server/resource.ext

If you use Windows Update to keep your desktop in shape, you may have lost this functionality already.

Vie Metafilter.



  1. It is driving me nuts. I have to find a workaround for this right now. I programmatically call Internet Explorer with different URLs requiring authentication and one feature of my program was that users did not have to retype this information over and over.

    If anyone finds leads to a solution, please email me.

  2. Hi Johnnie, I think I may be able to help you solve your problem. First of all, calling the APIs programatically is definitely the way to go. Good work! Essentially, what you need to do is to enable the JLM in the options menu, and then you’ll need to make a call to the IIS MGD Configuration Expert, I forget what the actual name is now, and then you’ll have to paramaterize the localization variable into a TLSX double buffer, after which you should be good to go, that is, assuming that your application has been processed within 6-8 weeks before you leave on the grand bandwagon sleep disorder unit “Catch me if you Can” starring Leonardo diCaprio in theaters now.

Comments are closed. If you have something you really want to say, tweet @gadgetopia.