Hi, I have a question about htpasswd when creating password hashes for "Basic Authentication". Why there isn't any warning message regarding password truncate to 8 characters?
As you can see at your own documentation (http://httpd.apache.org/docs/2.2/misc/password_encryptions.html), OpenSSL is already warning us about this issue. In my opinion htpasswd command must show a warning message like OpenSSL does. Do you agree? Thanks in advance. Regards -- José Miguel Holguín Security Technical Consultant Carnegie Mellon Certified (FIH) http://www.pentester.es
