http://www.perlmonks.org?node_id=326641


in reply to Passing a username/password from HTML to a Perl script

My initial reaction to this post is that I sure hope you're doing all this stuff over an SSL connection. Without SSL, the password protection doesn't reallt even matter.

Sure, htaccess is great, but it's not secure* unless you're on an SSL connection. I use htaccess with SSL all the time.

I guess I just can't stress SSL enough. Especially when dealing with credit cards, SSL is a MUST.

* Exception: Digest Authentication, which probably won't work for you in many cases.