Easy Guide to Enable Basic Authentication in IIS on Windows 11
Basic Authentication in Internet Information Services on Windows 11 is a way to restrict access to web resources by prompting users for their username and password. However, it’s important to note that Basic Authentication transmits credentials in plaintext, so it’s best used with SSL/TLS to ensure data security. It’s been part of IIS and other web servers for a long time. Its origins go back to the HTTP/1.0 specification in the early 1990s. If you are wondering why such an outdated authentication system is still added as an optional feature in Windows 11, it is to ensure that businesses and developers with older setups can still run their applications(Backward Compatibility) and for offline systems or in isolated networks, such as certain industrial or military applications, Basic Authentication might be used safely without external threats. So, in this article, let’s check out How to Enable Basic Authentication for IIS-based Web Servers in Windows 11 OS. Check out: Enable Digest Authentication for IIS in Windows 11.
Table of Contents
Key Steps:
- Let’s use Windows Features to enable this feature in Windows 11.
- Open Programs and Features using the Run command
appwiz.cpl.- Click on Turn Windows Features on or off from the left pane.
- Expand Internet Information Services node and then expand World Wide Web Services.
- Finally, expand the Security tree.
- Now, you can find Basic Authentication, click on the checkbox next to it and click OK.
- That is it. Basic Authentication in IIS is now enabled in Windows 11.
Directions to Basic Authentication in Windows 11
Here are the steps. Let’s get started.
- You can either use the Start menu or the keyboard combination Win Key + R to open the Run command.
- Once you are on the Run command, execute the following command
appwiz.cpland click OK. This command will open the Programs and Features window.
- When the Programs and Features window opens, click on the Turn Windows Features on or off option from the left pane.
- This action will open the Windows Features dialog. Here, you can find all the available optional features. Most of these features are essential for developers and IT Professionals.
- Go to Internet Information Services from the list of services available and expand it.
- Now, you will find FTP Server, Web Management Tools, and World Wide Web Services. Expand the World Wide Web Services.
- You will find various optional features such as Application Development Features, Common HTTP Features, Security, etc. Expand the Security tree.
- Under Security, you can find options like Centralized SSL Certificate Support, Digest Authentication, IIS Client Certificate Mapping Authentication, and more. Our interest is Basic Authentication, click on the checkbox next to it to enable it, and click OK.
- Windows will search for the required files.
- The system will apply the necessary changes.
- Finally, Windows will complete the requested changes. Click Close to close the window. We highly recommend doing the restart right away so that the changes made will be reflected in the system.
- That is it. Basic Authentication Support in IIS is now enabled in your Windows 11.
Why Basic Authentication is not recommended today?
Basic Authentication is generally not recommended today for several key reasons such as Transmitting Credentials in Plain Text, encoded only with Base64 as it is easily reversible, being Highly susceptible to man-in-middle attacks, and more. Moreover, it does not handle session tokens or session expiration which makes the credentials more vulnerable.
Important: Modern authentication methods, such as OAuth, JWT (JSON Web Tokens), and Kerberos, offer far more secure ways to handle authentication. These methods support encryption, tokens, session management, and additional security features, making them safer and more appropriate for today’s web applications.
Frequently Asked Questions
What are the risks of using Basic Authentication without HTTPS?
If used without HTTPS, Basic Authentication exposes usernames and passwords in plaintext, allowing attackers on the same network to intercept and read the credentials. This is highly insecure, especially on open or public networks.
Can Basic Authentication be used with Multi-Factor Authentication (MFA)?
Basic Authentication doesn’t natively support MFA. It relies solely on username and password, making it weaker than other methods.
How does Basic Authentication compare to token-based authentication?
Basic Authentication sends credentials with each request, while token-based methods exchange credentials once and use a token for future requests.
What are some alternatives to Basic Authentication?
OAuth 2.0, JWT (JSON Web Tokens), Kerberos, and Multi-Factor Authentication (MFA).
Take away:
Basic Authentication in IIS on Windows 11 is not recommended because it lacks the security, flexibility, and advanced features needed to protect modern applications from today’s more sophisticated security threats, however, in very limited, controlled situations (like local networks, testing environments, or low-risk internal applications) where data sensitivity is minimal, Basic Authentication can be acceptable if paired with SSL/TLS to encrypt the data in transit. We hope you are satisfied with our article. For more interesting articles, stay tuned to Winsides.com. Happy Coding! Peace out!
Like our Article
We love to hear from you. If you have any queries, do let us know in the comment section.
