[users@httpd] httpd authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



A question regarding httpd authentication.  Currently I am using the default base64 method, which I believe is insecure.  Also only the first 8 characters of our passwords are actually encrypted.  We have several scripts which verify passwords from the htpassword file.  Mostly using the perl pack function.  I've also read about htdigest (md5), but have heard this has security holes too.  The question is: I'd like to upgrade our password security.  i.e. having more characters encrypted and use a stronger digest for the encryption.  I would also like to stick with an apache-based authentication method.  Can someone offer some suggestions?

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux