Apache Reference: mod_digest
mod_digest - User Authentication by User Name/Realm/Password
Since Apache 1.1, src/modules/standard/mod_digest.c
Rob McCool, Robert S. Thau, Alexei Kosut (1996)
In addition to the classical HTTP/1.0 Basic Authentication mechanism, a message digest-based HTTP authentication mechanism exists as defined in RFC 2617.()ftp://ftp.isi.edu/in-notes/rfc2617.txt> Instead of transferring a clear-text user name/pass==word pair with the HTTP request (which can be easily monitored), a message digest is calculated (via the MD5 algorithm) and transferred together with the user name. This module then performs the same message digest calculation for the password stored in the server's authentication database. When the two digests are equal, access is allowed. This approach offers an obvious advantage relative to Basic Authentication: the password is not sent over the network. The drawback is that many browsers do not support this type of user authentication.