you'd have to be unlucky enough to auth your browser for Basic... which is wrong but you think it should disallow users by design from harming their own security