.htaccess password generator

NEW : Robots.txt validator with link check

This script generates an encrypted password for use in a .htpasswd file to password protect webserver resources.
Often used in combination with the Apache webserver to protect a directory or file from unauthorized access.
The .htaccess file should contain a valid, full path to the location of the .htpasswd file.

Example :

AuthUserFile /var/www/domains/alterlinks.fr/toto/.htpasswd
AuthGroupFile /dev/null
AuthName "Restricted Access"
AuthType Basic
<limit GET>
require valid-user

Desired username : 

Desired password : 

Re-type desired password : 

CRYPT  |  MD5  |  SHA1

Cut & paste the line below into your .htpasswd file :


• I do not know the full path on the server to my website. How can I find out ?

If you do not know the full path to your website on a remote server, which is needed to specify the location of your .htpasswd file, there are two easy ways to find out :

• Ask your hosting provider for the full path to your website

• If your website supports PHP, create a new page, for instance test.php and add the following text to it :


Save the page and upload it to your website. Then open the page by pointing your webbrowser to it, for instance :


In the result, look for the line DOCUMENT_ROOT or SCRIPT_FILENAME which will show you the full path to your website on the server.

MD5"$apr1$" + the result of an Apache-specific algorithm using an iterated (1,000 times) MD5 digest of various combinations of a random 32-bit salt and the password.
SHA1"{SHA}" + Base64-encoded SHA-1 digest of the password.
CRYPTUnix only. Uses the traditional Unix crypt(3) function with a randomly-generated 32-bit salt (only 12 bits used) and the first 8 characters of the password.

Valid HTML 4.01 Transitional