Q. How do I use htpasswd command to store username and passwords?


A. htpasswd is used to create and update the flat-files used to store usernames and password for basic authentication of HTTP users. If htpasswd cannot access a file, such as not being able to write to the output file or not being able to read the file in order to update it, it returns an error status and makes no changes.

Create a new password file

Following command will creates a new file and stores a record in it for user jerry. The user is prompted for the password. If the file exists and cannot be read, or cannot be written, it is not altered and htpasswd will display a message and return an error status.
# htpasswd -c /home/pwww/.htpasswd jerry

Change or update password

To add or modifies the password for user tom, enter:
# htpasswd /home/pwww/.htpasswd-users tom

The user is prompted for the password.

See previous FAQ : Apache password protect directories with .htaccess file for more examples.

🥺 Was this helpful? Please add a comment to show your appreciation or feedback.

nixCrat Tux Pixel Penguin
Hi! 🤠
I'm Vivek Gite, and I write about Linux, macOS, Unix, IT, programming, infosec, and open source. Subscribe to my RSS feed or email newsletter for updates.

8 comments… add one
  • Hari Karam Singh Aug 22, 2008 @ 10:50

    FYI, I just had an issue where htpasswd’s folder wasn’t in the path. Instead it was in


    So I just added an alias to .bashrc:

    alias htpasswd=”/usr/local/apache/bin/htpasswd”

  • Max Johnson Feb 13, 2009 @ 6:43

    CAUTION: If you use the -c parameter to add a new user, it will start the whole .htpaswd file from scratch, wiping any previous users/passwords.

    To add more users to an existing .htpasswd file, be sure to leave out the -c.

    Just a heads up, as I don’t think this was defined clearly enough in the article, and caused me about 5 minutes of ‘fun’ just before :P

  • James Dalgarno Jul 23, 2009 @ 8:16

    Thanks Vivek Gite for the info

    Thanks Max Johnson for the additional clarity as I may have ended up having a hell of a job trying to find out what was in the original file :)


  • Rick Sep 25, 2009 @ 17:17

    Before I spend hours trying to figure this out, can someone tell me if it’s possible to read a plain text file consisting of usernames & passwords, encrypt the passwords, and the write the usernames & “encrypted passwords” to a .htpassword file all from within a shellscript that can be run from a daily cronjob?
    Any help, advice, suggestions are greatly appreciated…
    Thanks, Rick

  • Niels Bom Oct 31, 2012 @ 13:25

    @Rick (a very late reply): that sounds totally doable.
    Write a bash script that that parses the plain text file and per line executes a certain variation of the htpasswd command.

  • Tony Nov 8, 2012 @ 8:41

    Thanks for this. Helped me out in restricting access to a development site.

  • Kalyan Mar 11, 2014 @ 13:18

    What are the 5 fields refer to in the generated password file?

  • Benjamin Feb 16, 2017 @ 22:37

    This was missing in the article:
    AuthType Basic
    AuthName “Password Protected Area”
    AuthUserFile /path/to/.htpasswd
    Require valid-user

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre> for code samples. Your comment will appear only after approval by the site admin.