htpasswd Generator

Enter your own username and password, choose an Apache Basic Auth hash format, and copy a ready-to-paste .htpasswd line. APR1/MD5 and SHA-1 are generated in your browser; bcrypt gives you the safer server-side htpasswd -B command.

Private by design: your username and password are processed locally in this page. Nothing is sent to StashGrid.

Username

Password

Hash type

Random password length

bcrypt cost

AuthName / popup label

Generated .htpasswd line

Enter a username and password, then generate.

Command / server-side equivalent

.htaccess snippet

Which hash should I use?

bcrypt: recommended for new Apache installsAPR1/MD5: widely compatibleSHA-1: legacy onlyPlain text: Windows/NetWare only

Apache documents bcrypt as currently very secure. APR1/MD5 is Apache-specific and commonly compatible, but older. This page now validates APR1 against Apache/OpenSSL example vectors. SHA-1, crypt, and plaintext are legacy formats and should only be used when your host requires them.

Related password tools

Password Generator API Key Generator JWT Secret Generator htpasswd Generator StashGrid.ai

FAQ

Can I enter my own password?

Yes. Type your own password, or use Generate Password to create a random one.

Why does bcrypt show a command instead of a browser hash?

bcrypt is the best choice for new Apache deployments, but the safest no-dependency workflow is to generate the password locally and run Apache's own htpasswd command on your server.

Is APR1 the same as normal MD5?

No. APR1 is Apache's MD5-based htpasswd format. It starts with $apr1$ and is not the same as a plain MD5 checksum.