Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I think that's a bad example to hold up, there's a repeatable issue with 123-reg's basic auth system that stops you from being able to fully log out on certain platforms.


Basic auth has no logout feature as far as I understand it. 123-reg tries to hack on something which looks like a logout feature but isn't.

For the point I was trying to make, it was the perfect example. It demonstrates that you can use basic auth, have "working" authentication, and be a successful website.

Note, the comment I was replying to was that basic auth is "unusable". 123-reg clearly disproves this.


And I cannot dispute any of your points, but the inability of basic auth to provide logout is certainly a concern that must be factored in to any decision making process. I personally love using basic auth in projects when I can as it just works for the majority of single user requirements.


Why can't basic auth logout be handled by the browser? e.g. display a "logout" button on the navigation bar when you're logged in with basic auth?


I guess it could be. If the browser vendors implemented such a feature.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: