Htpasswd Generator

htpasswd generator used to create Htaccess .htpasswd files. All encryption formats are supported, including bcrypt, sha1, md5, and crypt.

Username:
Password:
Realm or Popup Name:
Encryption Algorithm:

Htpasswd Generator Formats

Apache Servers recognize 5 formats for representing a password hash in the text file usually named .htpasswd.

BCRYPT

Use bcrypt encryption for passwords. This is currently considered to be very secure.

CRYPT

crypt(3) is the library function which is used to compute a password hash. Technically the name is a misnomer since it is actually a cryptographic hash function. The output of the function is not merely the hash: it is a text string which also encodes the salt and identifies the hash algorithm used. Apache uses the traditional Unix crypt function with a randomly-generated 32-bit salt (only 12 bits used) and the first 8 characters of the password. ALG_CRYPT

MD5

MD5 is one in a series of message digest algorithms designed by Professor Ronald Rivest of MIT. The 128-bit (16-byte) MD5 hashes (also termed message digests) are typically represented as a sequence of 32 hexadecimal digits. In .htpasswd files the hash is: $apr1$ + an Apache-specific algorithm using an iterated (1,000 times) MD5 digest of various combinations of a random 32-bit salt and the password. ALG_APMD5

SHA-1

The SHA hash functions are a set of cryptographic hash functions designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard. SHA-1 produces a 160-bit digest from a message with a maximum length of (264 - 1) bits. SHA-1 is the most widely employed of the SHA family. It forms part of several widely used security applications and protocols, including TLS and SSL, PGP, SSH, S/MIME, and IPsec. In .htpasswd files the hash is as follows: {SHA} + Base64-encoded SHA-1 digest of the password. ALG_APSHA

PLAIN TEXT

Unencrypted for Windows, BEOS, & Netware only. ALG_PLAIN