Linux / UNIX generate htpasswd to store username and password with htpasswd command

Posted on in Categories , , , , , , , , last updated August 15, 2007

Q. How do I use htpasswd command to store username and passwords?

A. htpasswd is used to create and update the flat-files used to store usernames and password for basic authentication of HTTP users. If htpasswd cannot access a file, such as not being able to write to the output file or not being able to read the file in order to update it, it returns an error status and makes no changes.

Create a new password file

Following command will creates a new file and stores a record in it for user jerry. The user is prompted for the password. If the file exists and cannot be read, or cannot be written, it is not altered and htpasswd will display a message and return an error status.
# htpasswd -c /home/pwww/.htpasswd jerry

Change or update password

To add or modifies the password for user tom, enter:
# htpasswd /home/pwww/.htpasswd-users tom

The user is prompted for the password.

See previous FAQ : Apache password protect directories with .htaccess file for more examples.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

8 comment

  1. FYI, I just had an issue where htpasswd’s folder wasn’t in the path. Instead it was in

    /usr/local/apache/bin/

    So I just added an alias to .bashrc:

    alias htpasswd=”/usr/local/apache/bin/htpasswd”

  2. CAUTION: If you use the -c parameter to add a new user, it will start the whole .htpaswd file from scratch, wiping any previous users/passwords.

    To add more users to an existing .htpasswd file, be sure to leave out the -c.

    Just a heads up, as I don’t think this was defined clearly enough in the article, and caused me about 5 minutes of ‘fun’ just before :P

  3. Thanks Vivek Gite for the info

    Thanks Max Johnson for the additional clarity as I may have ended up having a hell of a job trying to find out what was in the original file :)

    Cheers
    Dal

  4. Hello-
    Before I spend hours trying to figure this out, can someone tell me if it’s possible to read a plain text file consisting of usernames & passwords, encrypt the passwords, and the write the usernames & “encrypted passwords” to a .htpassword file all from within a shellscript that can be run from a daily cronjob?
    Any help, advice, suggestions are greatly appreciated…
    Thanks, Rick

  5. @Rick (a very late reply): that sounds totally doable.
    Write a bash script that that parses the plain text file and per line executes a certain variation of the htpasswd command.

Leave a Comment