HTTPS and BASIC authentication

Question

When I use HTTP BASIC authentication along with HTTPS, are the username and password securely passed to the server?

I would be happy if you can help me with some ref

Answer 1

HTTP Basic Authentication and HTTPS both are different concepts.

• In HTTP Basic Authentication username and password are sent in clear text (In HTTP Digest Authorization password is sent in base64 encoded using MD5 algorithm)
• Whereas HTTPS is completely different functionality, here complete message is encrypted based on keys and SSL certificate.

Please Note: There is difference between authorization and security. HTTP Basic authorization is an authorization concept it is not security

YES. In your case the HTTP message with username and password will be encrypted and then sent to the server.