Restore IE username : password URL handling

If you have visited Windows Update since February 2004 there was more than likely an update named "Cumulative Security Update for Internet Explorer 6 Service Pack 1 (KB832894)" installed on your system. While most all the features patched with the updates are needed, there is one that should have been optional. In the past, if you needed to access a password protected site you could form a URL similar to http://username:password@www.mydesktophelp.com/ and you would not be prompted for your password, however, with the recent rash of people taking advantage of this feature, for example, http://www.bankingsite.com@www.badsite.com people were being tricked into entering personal data, with the thought that they were at a legitimate site. So in this update, that feature was removed. Now, if you click on a link with username and password in the URL you just get a message that the page can't be displayed. If you are comfortable that you are able to distinguish between these malformed URLs and URLs that need this format for ease of use, use the directions below to reverse the settings of this part of the security update. Chances are part of the path below doesn't exist and will need to be created. To return to default settings just delete the values added.

Key: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]
Value Name: iexplore.exe and explorer.exe
Data Type: REG_DWORD
Data: 0 (zero)

Optionally, replace HKEY_CURRENT_USER with HKEY_LOCAL_MACHINE to effect the entire PC not just the currently logged on user.

Note: Microsoft does not mention having to reboot or restart IE inorder for changes to take effect. We were only able to replicate the desired result after we rebooted our machine, so if you do not see a change after applying this fix, reboot and see if they changes are in effect.

For more information:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/Bulletin/MS04-004.asp

http://support.microsoft.com/default.aspx?scid=kb;en-us;834489

Back to Internet Explorer Tweaks

				<SCRIPT type="text/javascript" SRC="http://www.mydesktophelp.com/cgi-bin/ads.pl?jscript;member=mims1979"></SCRIPT> <NOSCRIPT><A HREF="http://www.mydesktophelp.com/cgi-bin/ads.pl?member=mims1979;banner=NonSSI;page=01" TARGET="_blank"> <IMG SRC="http://www.mydesktophelp.com/cgi-bin/ads.pl?member=mims1979;page=01" width="468" height="60" ALT="MyDesktopHelp.Com Advertisements" BORDER=0></A></NOSCRIPT>

	Home Support Forum Dynamic Signature Tips N' Tweaks Downloads Custom Software PHP · CGI · ASP Web Design Advertising Free Cash!!



	All material is copyright © 1999-2005 MyDesktopHelp.Com. All Rights Reserved. All text, graphics , HTML and contents of this website are protected by US and International copyright laws and may not be reproduced or distributed in any manner without the explicit permission of MyDesktopHelp.Com .