Article ID: 898656
This article has been archived. It is offered "as is" and will no longer be updated.
Digest authentication credentials that are used in an application that is based on the Microsoft Windows Internet (WinINet) API may be visible to other applications that are based on the WinINet API that also use Digest authentication. Applications that are based on the WinINet API include the following applications:
Note This problem also occurs after you close the custom application if Internet Explorer was running when the custom application connected to the URL.
This problem occurs because Digest authentication credentials are cached across processes. The Digest.dll file implements its own credential cache. This credential cache is shared across processes through a memory-mapped file. The memory-mapped file is destroyed only when all processes that use Digest authentication are closed.
Note Both Internet Explorer and Outlook Express use the Digest.dll file for Digest authentication in the WinINet API.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Any process that uses the Digest.dll file for Digest authentication may experience this problem even if the process does not use the WinINet API.
For more information about Digest authentication in the WinINet API, visit the following Microsoft Developer Network (MSDN) Web site: