You are prompted for a password and a user name when you view HTML messages in Outlook (824067)


The information in this article applies to:

  • Microsoft Internet Explorer 6.0, when used with:
    • the operating system: Microsoft Windows XP
    • the operating system: Microsoft Windows 98
    • the operating system: Microsoft Windows 98 Second Edition
    • the operating system: Microsoft Windows Millennium Edition
    • the operating system: Microsoft Windows 2000
Important This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry

SYMPTOMS

If you open an HTML-formatted e-mail message in Microsoft Outlook, you may be prompted to enter your user name and password.

CAUSE

This problem occurs when the following conditions are true:
  • You are connected to the Internet through a proxy server, and you are using basic authentication.
  • The HTML-formatted e-mail message contains a link to graphics that are stored on an external server.
  • The HTML code for the graphics link contains a user name and a password.
Under these conditions, Outlook will try to authenticate the links by using the user name and the password in the graphics link. This authentication will fail in most situations. After this problem occurs, if you try to view other e-mail messages that contain links to external graphics, Outlook prompts you again for your user name and password.

RESOLUTION

A supported hotfix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Only apply it to systems that are experiencing this specific problem. This hotfix may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next Microsoft Internet Explorer 6 service pack that contains this hotfix.

To resolve this problem immediately, contact Microsoft Product Support Services to obtain the hotfix. For a complete list of Microsoft Product Support Services phone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

Note In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

The English version of this hotfix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel. 
   Date         Time   Version            Size    File name
   --------------------------------------------------------------
   03-Mar-2003  08:24  6.0.2800.1172      33,792  Ieuninst.exe     
   09-Oct-2003  08:04  6.0.2800.1271      27,136  Ieupdate.exe     
   23-Oct-2003  14:07  6.0.2800.1168     384,128  Q824067.exe      
   23-Oct-2003  13:54                      5,188  Q824067.inf
   23-Oct-2003  13:54                      5,266  Q824067_d.inf
   23-Oct-2003  13:45  6.0.2800.1285     586,752  Wininet.dll

WORKAROUND

Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

To work around this problem, follow these steps:
  1. Install the MS04-004 Cumulative Security Update for Internet Explorer (832894). This security update provides a new registry subkey that controls the handling of user information in a Hypertext Transfer Protocol (HTTP) or HTTPS URL.

    For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

    832894 MS04-004: Cumulative Security Update for Internet Explorer

  2. To apply the workaround for all Outlook users, you must add a new entry (msimn.exe) to the following registry subkey:

    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE

    To apply the workaround for a specific user of Outlook, you must log on as that user and then add the msimn.exe entry to the following registry subkey:

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE

    To do this, follow these steps:
    1. Click Start, click Run, type regedit, and then click OK.
    2. Locate and then click the registry subkey that you want to modify.
    3. On the Edit menu, point to New, and then click DWORD value.
    4. Type msimn.exe, and then press ENTER.
    5. On the Edit menu, click Modify, type 1, and then click OK.
For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

834489 A security update is available that modifies the default behavior of Internet Explorer for handling user information in HTTP and in HTTPS URLs

STATUS

Microsoft has confirmed that this is a problem in Internet Explorer 6.
Modification Type:MinorLast Reviewed:11/1/2005
Keywords:kbHotfixServer kbQFE kbIE600sp2fix kbIE600preSP2fix kbfix kbbug KB824067 kbAudEndUser kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.