I assume you mean HTTP Basic Auth... It's just a header field consiting of "user:pass", MD5ed. Read the current HTTP RFC, it tells you all (and more) you need to know about it.