Date: Mon, 7 Jul 2008 08:46:47 -0400 From: Bill Moran <wmoran@potentialtech.com> To: "Jos Chrispijn" <jos@webrz.net> Cc: questions@freebsd.org Subject: Re: .htaccess or OS related? Message-ID: <20080707084647.9a426e86.wmoran@potentialtech.com> In-Reply-To: <002301c8e02d$7f4fde70$7def9b50$@net> References: <001201c8e02b$9c6e9ed0$d54bdc70$@net> <20080707082222.eac3bbf6.wmoran@potentialtech.com> <002301c8e02d$7f4fde70$7def9b50$@net>
next in thread | previous in thread | raw e-mail | index | archive | help
In response to "Jos Chrispijn" <jos@webrz.net>: > Bill, > > > -----Original Message----- Keep the list in the loop on replies. > > The algorithm is part of Apache and has little or nothing to do with > > the OS on which it runs. > > I see, so .htpasswd is an Apache utility then; didn't know that. > > > And the encryption used to store passwords in .htaccess files is known > > to be weak. If you need something strong, look to one of the other mod_* > > security packages instead of .htaccess passwords. > > What other mod_* security package would you recommend? I won't _recommend_ anything. However, I will point out that there's a mod_ldap, mod_auth_kerb, and mod_auth_pam. There are probably others that I'm forgetting. -- Bill Moran http://www.potentialtech.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080707084647.9a426e86.wmoran>