>Number: 4681 >Category: general >Synopsis: htpasswd.exe limit on password length >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Thu Jul 1 07:40:01 PDT 1999 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3.6 >Environment: Microsoft Windows 95b >Description: htpasswd.exe seems to have a limit on password length on the win32 build 1.3.6. A password of 10 characters seems to fail, but a password of 5 characters works. Why?
Is it me or is there a password size limit in htpasswd.exe ? If so, it doesn't tell you in the program! >How-To-Repeat: For the 1.3.6 Win32 apache server build, use htpasswd.exe to add a user and for password enter a password such as 'blacktulip' authentication will fail with a password mismatch, change password to 'tulip' and it works. >Fix: >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, you need] [to include <[EMAIL PROTECTED]> in the Cc line and make sure the] [subject line starts with the report component and number, with ] [or without any 'Re:' prefixes (such as "general/1098:" or ] ["Re: general/1098:"). If the subject doesn't match this ] [pattern, your message will be misfiled and ignored. The ] ["apbugs" address is not added to the Cc line of messages from ] [the database automatically because of the potential for mail ] [loops. If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request from a ] [developer. Reply only with text; DO NOT SEND ATTACHMENTS! ]
