htpasswd generator

Targets Linux
1

Hello ,

Any idea what would be the correct hash for htpasswd generators ? on some sites I saw that it was SHA1 and it was considered insecure and now they use bcrypt but the problem is that whatever I use for bcrypt side is not compatible with the linux side, I guess in the end if I still don’t find anything I will use shell and use the passwd binary from linux and generate the needed passwords .

Thanks.

2

Not an answer to your question but yes SHA 1 should not be used anymore and instead SHA 2

3

Well in my case I need to use htpasswd -B -c .htpasswd username so apparently -B is the bcrypt version.

4

We do have a BCryptMBS module in MBS Xojo Encryption Plugin.