httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Owen Boyle <>
Subject Re: basic authentication in apache 1.3.19 ignoring more than 8characters in the password.
Date Tue, 16 Apr 2002 13:27:53 GMT
Pete Nelson wrote:
> I just tested this on Apache 1.3.22 on RedHat 6.2 and Apache 1.3.24 on
> Win2k, and both happily took a 19-character password
> (thisisalongpassword).  I am pretty confident that it should also work
> on Apache 1.3.19 on most platforms.

Did you test whether all the characters were significant? AFAIK, apache
uses the system passwd utility which is sensitive only to the first 8
chars. You can put in more if you like but they are not significant. In
other words, "thisisalongpassword" and "thisisalxxxxxxxxx" are the same.


Owen Boyle.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message