I have a website that uses basic authentication as described on this webpage. Each of the computers I manage have the password saved in their browser.
There is only one username and password for this. After someone logs in to the site this way, they are presented with their individual username and password prompt as part of the web page. The purpose of the initial username/password is to protect the site's externally accessible sections.
So far, when we've had to change this password, I've manually gone to each computer and updated the saved password.
I'm writing a startup script to configure other aspects of these systems so that I can maintain them easier. I'd like to be able to update the saved password via this script.
The operating system running on these machines is Windows XP SP3 and the browsers they're using to access this site are IE8 and IE9.
How can I update the saved basic authentication information for a website via a script?
Since you're trying to restrict access to Domain Users to an intranet website, wouldn't it be easier to restrict access to the directory via your Active Directory Controller instead of using a static htaccess file? This way, you can allow certain users to access the website directory where as other users would be denied by default. Change the Everyone permission to deny access by default and then add in your allowed users. This way you do not need to manage any kinds of passwords. When a user is terminated or no longer allowed access to the site, remove them from the Security list. The below example is how I would restrict the Resources folder to only an allowed group on IIS.
Why not consider using a password manager on the systems. If you were to use LastPass as an example you could update the password in one location and it will sync across to all clients?
Another option is to use domain and server isolation and restrict access to only machines or users that are in a group containing those accounts. This would have an added benefit of helping to ensure your entire windows environment is secure. I am unaware of a way to programmatically save passwords, I believe that it's only possible to retrieve them programmatically.