On Monday 13 December 2010, Daniel Bareiro wrote: > Apparently, crypt() is the algorithm used by default, which would > limit passwords to 8 characters. This does not happen with SHA-1.
Yes, that is described in the htpasswd man page. The recommended algorithm is apr_md5 (the SHA algorithm does not use a salt and is less secure). The default will be changed in Apache 2.4. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
