I have used .htpasswd to protect a directory. I have added some user with cPanel for initialization and find the password "superman" of user "spotty" have been encrypted to "SwiwEaoYmIe/c" at first time added and been encrypted to "2uhyjTm/HBJFs" at second time added. And I have used the crypt() of PHP to encrypt the password and get the result as "$1$PtzoD4Vk$NOZlGnuHtWwAQzVEsMlNF/", used the MD5() of PHP and get the result as "d41d8cd98f00b204e9800998ecf8427e". None of them is fit with the string stored in .htpasswd file. I don't know how to encrypt the password that visitor inputed to compare with the string stored in .htpasswd. Could anyone give any suggest?
Thanks.
How to encrypt a password to compare with .htpasswd?
Moderator: General Moderators
- Ambush Commander
- DevNet Master
- Posts: 3698
- Joined: Mon Oct 25, 2004 9:29 pm
- Location: New Jersey, US
Re: How to encrypt a password to compare with .htpasswd?
Use the htpasswd command line utility.
If security is not an issue, http://home.flash.net/cgi-bin/pw.pl should do the trick
If security is not an issue, http://home.flash.net/cgi-bin/pw.pl should do the trick
Re: How to encrypt a password to compare with .htpasswd?
Thanks for advise.Ambush Commander wrote:Use the htpasswd command line utility.
If security is not an issue, http://home.flash.net/cgi-bin/pw.pl should do the trick
I could not use the command line for the website hosted in a virtual server. And the encrypted string from the page you given is "spotty:WYtLt67uJmvtY". It still is not equal with the string stored in .htpasswd.
I found the encrypted string of the password "superman" in changed every time I added. So, how can I encrypt a string to compare with it? It's really a problem. Any suggestion, thanks.
-
geethalakshmi
- Forum Commoner
- Posts: 31
- Joined: Thu Apr 24, 2008 10:38 pm
Re: How to encrypt a password to compare with .htpasswd?
Here is the code to display encrypted password
http://hiox.org/index.php?id=278
http://hiox.org/index.php?id=278
Re: How to encrypt a password to compare with .htpasswd?
Firstly, that code doesn't display encrypted passwords at all, it only displays an MD5 hash. Hashing is not encryption.geethalakshmi wrote:Here is the code to display encrypted password
http://hiox.org/index.php?id=278
Second, it assumes that the password is stored as plain text in the database (or it MD5s the database hash giving the wrong result).
Thirdly, there are numerous problems with the script like you're not checking the query actually returned any results, and you're accessing an array value without quoting the key (eg $row[password] should be $row['password']).
And lastly, and most importantly, you're just linking to some post on another site without good reason which in my opinion is bordering on spamming. Do it again and I'll remove your post.