.htpasswd is a flat-file used to store usernames and password for basic authentication of Apache HTTP Server.
.htpasswd is a flat-file used to store usernames and passwords for basic authentication on Apache HTTP Servers. The name of the file is given in the .htaccess configuration, and can be anything, but ".htpasswd" is the canonical name. The file name starts with a dot, because most Unix-like operating systems consider any file that begins with dot to be hidden.
This file is often maintained with the shell command htpasswd which can add, delete, and update users, and will properly encode the passwords for use (so they are easily checked, but cannot be reversed back to the original password).
The file consists of rows. Each row corresponds to a username and hashed password pair, separated with the colon. For example:
user:password
The hashed password is typically "UNIX crypt" style, encrypted in either MD5 or SHA1 as common alternatives.
Additional users can be added by using the htpasswd shell command or by appending new lines to the file. For example:
user1:password1
user2:password2
Resources available on the Apache HTTP server can be restricted to users listed in the files created by htpasswd.
See also
