Question

On a server I would like to switch from Apache auth_basic to auth_digest for security reasons.

Is there a way to convert the old .htpasswd file to the htdigest format?

Solution

The htpasswd program usually creates encrypted passwords. If you used MD5, SHA1, bcrypt or crypt for encrypting passwords, you almost can’t recover the original data. These cryptographic functions are called one-way: you can create a hash but you can’t restore the original value. It’s the main purpose of the one-way functions.

As far as I know, the HTTP Digest algorithm, RFC 2617, introduced a so-called realm, some [unique] string for a challenge. This information is used for hashing passwords. It’s not possible to reuse a file with passwords because, for the Basic Authentication, these passwords were hashed without the realm information.

Try to ask your users to change their passwords after the first authentication.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
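The migration suggested in the answer, as an added example that is not part of the original post: an htdigest line stores MD5(user:realm:password), so it can only be built while the plaintext is available, which is the case at the moment a user logs in over Basic auth. The sketch assumes the old file uses Apache's `{SHA}` scheme and that a hypothetical login hook calls `migrate_on_login`; the user name, realm and password are constructed sample values.

```python
import base64
import hashlib
import hmac


def htpasswd_sha1_entry(user, password):
    """Build an htpasswd line in Apache's {SHA} scheme: base64(SHA1(password))."""
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    return f"{user}:{{SHA}}{base64.b64encode(digest).decode('ascii')}"


def htdigest_entry(user, realm, password):
    """Build an htdigest line: user:realm:MD5(user:realm:password)."""
    ha1 = hashlib.md5(f"{user}:{realm}:{password}".encode("utf-8")).hexdigest()
    return f"{user}:{realm}:{ha1}"


def verify_htpasswd_sha1(entry, user, password):
    """Check a submitted Basic-auth password against a {SHA} htpasswd line."""
    stored_user, _, stored_hash = entry.partition(":")
    if stored_user != user or not stored_hash.startswith("{SHA}"):
        return False
    candidate = htpasswd_sha1_entry(user, password).partition(":")[2]
    # Constant-time comparison of the two encoded hashes.
    return hmac.compare_digest(candidate, stored_hash)


def migrate_on_login(entry, user, realm, password):
    """Hypothetical login hook: return the htdigest line for a valid login, else None.

    The old hash has no realm in it, so the new line is derived from the
    submitted plaintext, never from the stored htpasswd hash.
    """
    if not verify_htpasswd_sha1(entry, user, password):
        return None
    return htdigest_entry(user, realm, password)


# Constructed sample data (not from the page).
OLD_ENTRY = htpasswd_sha1_entry("alice", "correct horse")
REALM = "Example Realm"

if __name__ == "__main__":
    print(OLD_ENTRY)
    print(migrate_on_login(OLD_ENTRY, "alice", REALM, "correct horse"))
    print(migrate_on_login(OLD_ENTRY, "alice", REALM, "wrong guess"))
```

Users who never log in during the migration window keep only their old hash and still need a password reset.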