1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How do I encrypt (and decrypt) htpasswd files?

Discussion in 'General Discussion' started by agreenbhm, Apr 8, 2006.

  1. agreenbhm

    agreenbhm New Member

    Joined:
    Apr 8, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I have written an entire register/login script for my site in php. I just recently switched hosts to a company called DailyRazor.com. They have Cpanel 10.

    I am trying to password protect a directory, but I want the users to have to register on my site before they can access it. I would like to use CPanel's built in directory protection, but I am having a problem regarding the passwords.

    I know how I can write the information to the htpasswd file, but I don't know how to encrypt the passwords when I write them to the file.

    I guess what i'm asking for is what type of encryption is used on passwords when the htpasswd files are written. A code example as well as an explanation would be great, because I do not know exactly what "salt" is, except that it pertains to encryption.

    Any help would be greatly appreciated.
     
  2. madaboutlinux

    madaboutlinux Active Member

    Joined:
    Jan 24, 2005
    Messages:
    1,052
    Likes Received:
    2
    Trophy Points:
    38
    Location:
    Earth
    Use the below url to encrypt the password :-
    http://www.desilva.biz/apache/pwdweb.html

    You will just have to provide the username/password. It will encrypt the password and will provide you. Just copy/ paste the Username/Password in .htpasswd file and you will be able to access the directory with that particular Username.
     
  3. agreenbhm

    agreenbhm New Member

    Joined:
    Apr 8, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I need the code that the password encryption generator on the link you gave me is using. Where can I find it?
     
  4. agreenbhm

    agreenbhm New Member

    Joined:
    Apr 8, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I was able to find the code online. Here it is:

    Code:
    $password = crypt($clearTextPassword, base64_encode($clearTextPassword));
     
  5. Scorpion-1984

    Scorpion-1984 New Member

    Joined:
    Mar 26, 2007
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Im looking for the encryption method to. This one doesn't seem right though, because it generates the same password on refresh, while the given site doesn't.

    Greets Bas
     
  6. chirpy

    chirpy Super Moderator

    Joined:
    Jun 15, 2002
    Messages:
    13,499
    Likes Received:
    14
    Trophy Points:
    38
    Location:
    Go on, have a guess
    That just means it uses a different salt. You need to look into how the crypt() function works. Bear in mind that it is one-way encryption only, i.e. you cannot decrypt it (you'd have to use a brute-force password guesser to do that).
     

Share This Page