Hello Michael, hello List,
I have a question concerning the commit #eef9b2529c3cab522dac4f4bcfa1a0075376514e (http://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=eef9b2529c3cab522dac4f4bc...).
It is correct that htpasswd uses the MD5 algorithm as default, which is not very secure indeed. However, the -s option (which enforces the use of SHA) is insecure since there is no salt.
In case IPFire uses the same htpasswd version I use, I'd suggest the use of bcrypt (option: -B), since it is stronger than both SHA and MD5.
This issue also appears in the help output of htpasswd:
twilson@fra-03-47-1b:~> htpasswd --help [...] -m Force MD5 encryption of the password (default). -B Force bcrypt encryption of the password (very secure). -C Set the computing time used for the bcrypt algorithm (higher is more secure but slower, default: 5, valid: 4 to 31). -d Force CRYPT encryption of the password (8 chars max, insecure). -s Force SHA encryption of the password (insecure). -p Do not encrypt the password (plaintext, insecure). [...] On other systems than Windows and NetWare the '-p' flag will probably not work. The SHA algorithm does not use a salt and is less secure than the MD5 algorithm. twilson@fra-03-47-1b:~>
If your htpasswd version is somehow patched against this problem, just ignore my e-mail. :-)
Best regards, Timmothy Wilson