[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Repository Passwords are in clear text?

From: Ryan Schmidt <subversion-2005_at_ryandesign.com>
Date: 2005-11-16 14:03:15 CET

On Nov 16, 2005, at 00:35, Gavin Lambert wrote:

> I think Apache's .htpasswd files are a good compromise here.
> Passwords
> are stored in base64, which is of course easily reversible, but it
> means
> that a casual glance doesn't reveal passwords. You actually have to
> open the file with the intent to extract passwords to do so.

Just to set the record straight about Apache: .htpasswd files do not
use base64 encoding. They use md5 hashing by default on Windows,
Netware and TPF, and crypt encryption on all other operating systems,
or you can also use sha hashing. None of these are reversible.

To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Nov 16 14:05:33 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.