Wouldn't it be terribly easy to decrypt a .htpasswd file? — OZONE Asylum, home of the Mad Scientists

FAQ

This page's ID: 5738

Wouldn't it be terribly easy to decrypt a .htpasswd file? $Pages that link to <a href="https://ozoneasylum.com/backlink?for=5738" title="Pages that link to Wouldn&#039;t it be terribly easy to decrypt a .htpasswd file?" rel="nofollow" >Wouldn't it be terribly easy to decrypt a .htpasswd file?\$
Welcome to the OzoneAsylum FaqWiki Frequently Asked Questions Server Side Coding Apache
No. The values stored in the password file are being created by a mathematical 'one-way' function from the password you give. Later on, the password the user enters is put through the same one-way function, and then it is seen wether the two results match. There's no way to efficently find a valid password given the result of the one way function. also see 'man crypt' on most unix systems. (Added by: Tyberius Prime on Sat 21-Jun-2003)