Page 1 of 1

htpasswd security

Posted: Tue Mar 14, 2006 2:23 pm
by d3ad1ysp0rk
Does anyone have an idea whether someone could use brute force against an apache .htpasswd setup? I'm not quite sure whether Apache has preventative methods setup for this, and if so, could the attacker just use a set of proxies to get around them?

Posted: Tue Mar 14, 2006 2:31 pm
by feyd
In most instances, brute forcing is possible. This is one of those cases.