After a user provides this information, the data is transmitted to the web server (in this case localhost). Once IIS receives the authentication data, it attempts to authenticate the user with the corresponding Windows account. The key disadvantage of Basic authentication is that it isn’t secure, because user name and password credentials obtained via it are transmitted between the client and server as clear text. The data is encoded into Base64 sting which can easily read. In Windows Vista Microsoft has modified the login dialog to display a warning if the connection is not secure (meaning SSL/TLS is not used for communicating with the web server).
Almost all web browsers support Basic authentication as authentication protocol. The next picture shows the case when a website requests client authentication using Basic authentication and the web browser displays a login dialog box: