[thelist] Getting Login Name & Password

James Hardy evolt at weeb.biz
Wed May 25 12:48:30 CDT 2005

j s wrote:

>Is there a way, on a web page(asp), to pick up the user's login name & password that was used to login into their pc with?
if you are using IIS and are doing this on an intranet with a domain you 
can use NTLM authentication. Internet Explorer will, when faced with 
this automatically pass the username and a hash of the password to the 
server. You can access the username with 
Request.ServerVariable("AUTH_USER") which will be in the format


this is an IE only solution. Firefox and Mozilla Suite have support for 
NTLM, but it will pop up a username password box so is not seamless. 
Other browsers, I don;t think do (though the open source ones are likely 
to take the code from mozilla at sometime). You also have to be on the 
same subnet I think, or it fails (or that might have just been the setup 
at the place I last used it)

The password, you won;t ever get, with good reason, as it would be a 
huge security rish, and I believe that it is only stored on the system 
as a hash rather than the password that is entered.

More information about the thelist mailing list