httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From José Miguel Holguín Aparicio <>
Subject Authentication Basic default format
Date Wed, 21 Oct 2009 09:07:05 GMT

I have a question about htpasswd when creating password hashes for
"Basic Authentication". Why there isn't any warning message regarding
password truncate to 8 characters?

As you can see at your own documentation
OpenSSL is already warning us about this issue.

In my opinion htpasswd command must show a warning message like
OpenSSL does. Do you agree?

Thanks in advance.

José Miguel Holguín
Security Technical Consultant
Carnegie Mellon Certified (FIH)

View raw message