Digest authentication is significantly more secure than basic authentication. When a client wants to access a protected resource, the server sends a random string, called a nonce, as a challenge. The client then uses this nonce together with the username and password to calculate an MD5 hash and sends it back to the server for verification.