httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 46152] access allowed if password matches first seven characters of real password
Date Thu, 18 Jun 2009 11:54:15 GMT

Dan Poirier <> changed:

           What    |Removed                     |Added
             Status|NEW                         |NEEDINFO

--- Comment #1 from Dan Poirier <>  2009-06-18 04:54:14 PST ---
The doc for htpasswd on 2.2 and trunk does say that when encrypted using
crypt() (the default), only the first 8 characters of the password are used. 
That might have been added since your bug report, I don't know. 

Are you sure it's 7 and not 8 characters?  Both the htpasswd doc, and the
crypt(3) man page, say that 8 characters are used.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message