Htpasswd Generator

Htpasswd is a command-line tool used to create and update the flat-files used to store usernames and passwords for basic authentication of HTTP users in Apache web servers. This tool generates htpasswd entries compatible with Apache HTTP Server.

Generate Htpasswd Entry

Username:

Password:

Hash Algorithm:

Bcrypt is the most secure option and recommended for new installations.

Generated Htpasswd Entry:

How to use?

Copy the generated entry and paste it into your .htpasswd file. Each line should contain one username:password pair. Place the .htpasswd file in a secure location outside your web root.

Verify Htpasswd Entry

Htpasswd Entry:

Password to Check:

Htpasswd Entry Format

Htpasswd entries follow the format:

username:password_hash

Different algorithms have different hash formats:

Bcrypt: $2y$ prefix
MD5: $apr1$ prefix
SHA-1: {SHA} prefix
Crypt: No prefix (DES)

Security Information

Important notes about Htpasswd:

Store .htpasswd files outside your web document root for security.
Use Bcrypt algorithm for new installations - it's the most secure option.
MD5 with Apache salt ($apr1$) is acceptable for legacy systems.
Avoid SHA-1 and Crypt (DES) for new installations - they're less secure.
This tool processes all data in your browser - no credentials are sent to our server.
Regularly update passwords and use strong, unique passwords for each user.

Apache Configuration

To use .htpasswd file in Apache, add this to your .htaccess or virtual host configuration:

AuthType Basic
AuthName "Restricted Area"
AuthUserFile /path/to/.htpasswd
Require valid-user

Replace /path/to/.htpasswd with the actual path to your .htpasswd file.

Notifications

Htpasswd Generator