Web pages are often password protected. The most common form of this uses a protocol called Basic Authentication, which is not very strong, but easy to implement. With this scheme, the server responds to an HTTP request with a 401 error status and a Www-Authenticate header, which specifies the authentication protocol the server wants to use. For example, the server response can contain the following information:
HTTP/1.0 401 Authorization Required Www-Authenticate: Basic realm="My Pages"
The realm is meant to be an authentication domain. In practice, it is used in the string that gets displayed to the user as part of the password prompt. For example, a Web browser will display this prompt:
Enter the password for My Pages ...