≡ Menu

Linux / UNIX generate htpasswd to store username and password with htpasswd command

Q. How do I use htpasswd command to store username and passwords?

A. htpasswd is used to create and update the flat-files used to store usernames and password for basic authentication of HTTP users. If htpasswd cannot access a file, such as not being able to write to the output file or not being able to read the file in order to update it, it returns an error status and makes no changes.

Create a new password file

Following command will creates a new file and stores a record in it for user jerry. The user is prompted for the password. If the file exists and cannot be read, or cannot be written, it is not altered and htpasswd will display a message and return an error status.
# htpasswd -c /home/pwww/.htpasswd jerry

Change or update password

To add or modifies the password for user tom, enter:
# htpasswd /home/pwww/.htpasswd-users tom

The user is prompted for the password.

See previous FAQ : Apache password protect directories with .htaccess file for more examples.

Tweet itFacebook itGoogle+ itPDF itFound an error/typo on this page?

{ 7 comments… add one }

  • Hari Karam Singh August 22, 2008, 10:50 am

    FYI, I just had an issue where htpasswd’s folder wasn’t in the path. Instead it was in

    /usr/local/apache/bin/

    So I just added an alias to .bashrc:

    alias htpasswd=”/usr/local/apache/bin/htpasswd”

  • Max Johnson February 13, 2009, 6:43 am

    CAUTION: If you use the -c parameter to add a new user, it will start the whole .htpaswd file from scratch, wiping any previous users/passwords.

    To add more users to an existing .htpasswd file, be sure to leave out the -c.

    Just a heads up, as I don’t think this was defined clearly enough in the article, and caused me about 5 minutes of ‘fun’ just before :P

  • James Dalgarno July 23, 2009, 8:16 am

    Thanks Vivek Gite for the info

    Thanks Max Johnson for the additional clarity as I may have ended up having a hell of a job trying to find out what was in the original file :)

    Cheers
    Dal

  • Rick September 25, 2009, 5:17 pm

    Hello-
    Before I spend hours trying to figure this out, can someone tell me if it’s possible to read a plain text file consisting of usernames & passwords, encrypt the passwords, and the write the usernames & “encrypted passwords” to a .htpassword file all from within a shellscript that can be run from a daily cronjob?
    Any help, advice, suggestions are greatly appreciated…
    Thanks, Rick

  • Niels Bom October 31, 2012, 1:25 pm

    @Rick (a very late reply): that sounds totally doable.
    Write a bash script that that parses the plain text file and per line executes a certain variation of the htpasswd command.

  • Tony November 8, 2012, 8:41 am

    Thanks for this. Helped me out in restricting access to a development site.

  • Kalyan March 11, 2014, 1:18 pm

    What are the 5 fields refer to in the generated password file?

Leave a Comment