The protocol referred to as "HTTP/1.0" includes the specification for
   a Basic Access Authentication scheme[1]. That scheme is not
   considered to be a secure method of user authentication, as the user
   name and password are passed over the network in an unencrypted form.