I'd like to protect some or all web pages and show them only to authorized people. I understood there are two methods: basic and digest.
Basic is simpler, but it is unsecure (because it uses base64). In this case you need TLS.
Digest is more complicated but it is more secure (it uses MD5 algorithm and a nonce to protect data).
Are there some examples of both methods with lwip?
I suppose TLS needs a cryptographic dedicated hw, right?
Is digest/MD5 really more secure than basic authentication? MD5 is only a hash algorithm. I think it is simple to decode username and password after sniffing nonce (send by the server) and hash (send by the client).
Any suggestion?