.htpasswd SHA1 Hash Generator
Client-side javascript hash generator tool
This page runs entirely in your browser. Usernames, passwords, and all other information remains on your computer.
Paste the above result line into your .htpasswd file on the server. The format is username:{SHA}base64_of_sha1(password). Multiple lines can be listed in the same .htpassword file
Examples
.htaccess
This is a minimal configuration for Basic Authentication using an external .htpasswd file. You must update the AuthUserFile path to match the absolute server location of your file.
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /home/example/private/.htpasswd
Require valid-user
Place this .htaccess file inside the directory you want to protect.
Ensure that the .htpasswd file is outside the web root and readable by the server.
.htpasswd
Below is an example of a .htpasswd file containing multiple permitted users. Each line contains a username and a hashed password in the format username:{SHA}base64_of_sha1(password).
alice:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=
bob:{SHA}qUqP5cyxm6YcTAhz05Hph5gvu9M=
charlie:{SHA}2jmj7l5rSw0yVb/vlWAYkK/YBwk=
Each line defines a single user.
Use the tool above to generate SHA-1 password hashes.
The .htpasswd file should be stored outside the public web root and should be readable by the web server but not by visitors.