Allow Basic authentication for HTTP

Information

If you enable this policy or leave it unset Basic authentication challenges received over non-secure HTTP will be allowed.

If you disable this policy non-secure HTTP requests from the Basic authentication scheme are blocked and only secure HTTPS is allowed.

Solution

Policy Path: Microsoft Edge\HTTP authentication
Policy Setting Name: Allow Basic authentication for HTTP

See Also

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-microsoft-edge-version-90/ba-p/2275943

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(6)

Plugin: Windows

Control ID: 7ed7b4e0353f6412d2753b5abf735cd78cfb377e7c213df0ff3d1d5ecc6e2639