For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Cirrostratus rank

Cirrostratus

Dec 06, 2021

Hide Username and Password in URL

We have a video streaming app that has a basic username/password authentication. Accessing the application is done by going to rtsp://username:password@example.com:554/video Infosec isn'...

application delivery

Icon for Cirrocumulus rank

Cirrocumulus

Dec 10, 2021

I don't blame them. Username and password in the URL is a pretty basic security mistake. e.g. when you're passing via a proxy. After all the URL is going too be logged somewhere... In your history etc.

The only way you can mask it is by changing the application that's insecure enough to insist on user/pass in the URL for a decent one.

Zuke
Cirrostratus
Dec 13, 2021
That's the conclusion I came to as well.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Academy at AppWorld 2026

DevCentral News

Introducing the F5 AI Assistant for BIG-IP

Technical Articles

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5