This is still unresolved. We pay as a company for a password manager which isn't able to fill basic/digest password prompts by at least one of the major browsers?
Even open source password manager extension are able to do it:
Maybe you can get some inspiration there?
@lastpass please explain at least why not and when this can be fixed?
This kind of authentication is still used by many admin interfaces and as of http digest auth (same problem as http basic)
there is no "insecurity" reason not to do so.
I contacted lastpass support, as we got no response here.
The case is under review by their developers now:
Thank you for your reply.
I got a response from our developers, so they said that it's been put under review and they have created a ticket in which they will be working on adding more authenticators. I'm attaching this ticket to your case so once it's resolved or developed we will let you know.
We appreciate your patience.
Support Specialist Tier 1
So apparently my lastpass decided to suddenly auto-handle 'basic auth' requests today in Chrome. I guess the extension auto-updated... and this has totally borked me because it's trying to send the wrong user/pass!!!!
I was losing my mind wondering why I was just getting a http error of too many tries, then when I looked at my logs I saw that I was sending the wrong username dozens of times, even though I never got a popup in my browser.
After doing some diagnosing I traced it to lastpass causing the issue! WTF, first they don't have it handling basic auth popups for years, now they want to autofill with a randomly chosen account from the domain.
I can't find any way to disable this, even if I disable auto-fill it still does it. This is totally unacceptable and a major PITA... Either auto-fill the pop-up box, or do don't anything at all!!!!
I had a ticket started for this exact issue. After bouncing some emails back and forth, the resolution was that IT said that this is impossible - even though it works just fine with competitors' products. I even let them remote-in into my computer, so I could reproduce the basic auth autofill issue, as the rep screen recorded it.
Here was the latest update from that LastPass rep:
I have attach to this case number the screen recording I took on our phone conversation last week,I did share that recording with our engineers and after they watched it they explained me that the prompt or pop up screen is usually coming from the page itself, unfortunately we can't modify the page itself to accept our autofill option into it. they suggested trying the context menu (right-click option) to see if it allows you that way.
If anyone knows which products are able to autofill basic auth prompts, please reply to this thread, so LastPass can get clued in.
Sidenote: even though this post is just plaintext with some italics, I kept getting this error:
Your post has been changed because invalid HTML was found in the message body. The invalid HTML has been removed. Please review the message and submit the message when you are satisfied.