Htpasswd Generator

htpasswd generator used to create Htaccess .htpasswd files. All encryption formats are supported, including bcrypt, sha1, md5, and crypt.

Realm or Popup Name:
Encryption Algorithm:

Htpasswd Generator Formats

Apache Servers recognize 5 formats for representing a password hash in the text file usually named .htpasswd.


Use bcrypt encryption for passwords. This is currently considered to be very secure.


crypt(3) is the library function which is used to compute a password hash. Technically the name is a misnomer since it is actually a cryptographic hash function. The output of the function is not merely the hash: it is a text string which also encodes the salt and identifies the hash algorithm used. Apache uses the traditional Unix crypt function with a randomly-generated 32-bit salt (only 12 bits used) and the first 8 characters of the password. ALG_CRYPT


MD5 is one in a series of message digest algorithms designed by Professor Ronald Rivest of MIT. The 128-bit (16-byte) MD5 hashes (also termed message digests) are typically represented as a sequence of 32 hexadecimal digits. In .htpasswd files the hash is: $apr1$ + an Apache-specific algorithm using an iterated (1,000 times) MD5 digest of various combinations of a random 32-bit salt and the password. ALG_APMD5


The SHA hash functions are a set of cryptographic hash functions designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard. SHA-1 produces a 160-bit digest from a message with a maximum length of (264 - 1) bits. SHA-1 is the most widely employed of the SHA family. It forms part of several widely used security applications and protocols, including TLS and SSL, PGP, SSH, S/MIME, and IPsec. In .htpasswd files the hash is as follows: {SHA} + Base64-encoded SHA-1 digest of the password. ALG_APSHA


Unencrypted for Windows, BEOS, & Netware only. ALG_PLAIN