How to Pass HTTP Username and Password to wget?

This article provides a quick overview and practical guide on how to pass HTTP authentication credentials using the wget command-line utility. When downloading files from servers protected by basic or digest authentication, you must supply a username and password to grant access. Below, you will find the standard command-line flags, security best practices to protect your credentials, and alternative methods like using configuration files or environmental variables.

Using the Standard Command-Line Flags

The most direct way to pass credentials to wget is by using the --user and --password flags. This method works seamlessly for standard HTTP basic authentication.

wget --user=your_username --password=your_password https://example.com/protected-file.zip

Alternatively, if the server specifically requires HTTP or FTP-specific flags, you can use the targeted options:

wget --http-user=your_username --http-password=your_password https://example.com/protected-file.zip

Inline URL Authentication

Another common method is embedding the credentials directly into the URL structure. This follows the standard syntax scheme://username:password@domain.

wget https://your_username:your_password@example.com/protected-file.zip

Security Considerations: Avoiding Plain Text Passwords

While entering your password directly into the terminal command is convenient, it poses a security risk. Your password may be saved in your terminal’s history file (e.g., .bash_history) or visible to other users on the same system via process monitoring tools like ps.

To mitigate this risk, you can use the following safer alternatives:

wget --user=your_username https://example.com/protected-file.zip
# Inside your ~/.wgetrc file
http_user = your_username
http_password = your_password

Once configured, you can simply run wget https://example.com/protected-file.zip without passing any credentials via the command line.