A URL such as http://username:password@example.com/ does not work in Internet Explorer, as explained in the Microsoft Knowledgebase article “Internet Explorer does not support user names and passwords in Web site addresses”. I can’t find a proper workaround for this. I want just a simple link in a HTML document which works.

The purpose of the exercise:

We have a website, with fairly secure cookie-based login. We have standard stats packages (Webalizer and AWStats) which use HTTP authentication. I want to give the administrator of the site a quick link to the stats. The link, which includes the password, will be available only to a logged in administrator. It’s no great security risk.

The username:password@example.com construct was removed as a security feature. Storing passwords in plain text is a bad idea to start with, and this form of the url was a frequently used attack vector for phishing attacks. The article you link to lists some work-arounds... can you not just prompt the user to enter a password?

If you give a little more details about what you're doing, it's possible a better solution may be found.

Per the Knowledgebase article, this can be enabled by setting the DWORD for iexplore.exe to 0 in: [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE].

Doing so will enable you to browse to URLs using the syntax [user]:[password]@[url].