Basic authentication is the simplest scheme to configure so that our proxy server enforces authentication, but it's the most insecure scheme. This is due to the fact that credentials are transmitted in a Base64-encoded string format, which can be decoded very easily to get the original credentials, such as, the username and password supplied by the client to authenticate with Squid.

This authentication scheme is generally discouraged because anyone who is able to sniff your user's network packets will be able to see that person's username and password and will be able to exploit it very easily. The authentication schemes Digest or Negotiate are recommended over the Basic authentication scheme.

This scheme can be used in small, ...