Browser authentication

Is there anyway for a server to clear the authentication field carried in
the HTTP header?

We wish to time the authentications out, but returning an HTTP 401
Authorisation failed
merely resuts on the browser giving the user the opportunity to change
their password.
If they don't, the browsers re-usethe old password Is there anyway to stop
them from
doing this?


Received on Thursday, 24 April 1997 03:50:13 UTC