This directory includes some utilities to allow Apache 1.3.6 to recognize passwords in SHA1 format, as used by Netscape web servers. From Netscape's admin interface, export the password database to an ldif file and then use convert.pl in this distribution to generate apache style password files. Note: SHA1 support is useful for migration purposes, but is less secure than Apache's password format, since Apache's (MD5) password format uses a random eight character salt to generate one of many possible hashes for the same password. Netscape uses plain SHA1 without a salt, so the same password will always generate the same hash, making it easier to break since the search space is smaller. This code was contributed by Clinton Wong . README.sha1 this file convert-sha1.pl takes an ldif dump from Netscape's web server on standard in, outputs apache htpasswd format on standard out. Usage: convert.pl < ldif > passwords htpasswd-sha1.pl perl script to generate entries in apache htpasswd format. Usage: htpasswd-sha1.pl some_user some_password ldif-sha1.example sample ldif dump with one sha1 password and one crypt password.