Merge r1500323 (add note when default algorithm has been changed) and add

author Stefan Fritsch <sf@apache.org>

Sat, 6 Jul 2013 21:54:19 +0000 (21:54 +0000)

committer Stefan Fritsch <sf@apache.org>

Sat, 6 Jul 2013 21:54:19 +0000 (21:54 +0000)
author Stefan Fritsch <sf@apache.org>
Sat, 6 Jul 2013 21:54:19 +0000 (21:54 +0000)
committer Stefan Fritsch <sf@apache.org>
Sat, 6 Jul 2013 21:54:19 +0000 (21:54 +0000)
diff --git a/docs/manual/programs/htpasswd.xml b/docs/manual/programs/htpasswd.xml

index d70f38e32750aaf81abb7087b2db7d6993626e2c..35097870668fe736ed65bbd54c96fb572cd23fa7 100644 (file)
--- a/docs/manual/programs/htpasswd.xml
+++ b/docs/manual/programs/htpasswd.xml
@@ -103,12 +103,15 @@ distribution.</seealso>
      one) is omitted. It cannot be combined with the <code>-c</code> option.</dd>
  
      <dt><code>-m</code></dt>
-    <dd>Use MD5 encryption for passwords. This is the default.</dd>
+    <dd>Use MD5 encryption for passwords. This is the default (since version
+    2.2.18).</dd>
  
      <dt><code>-d</code></dt>
      <dd>Use <code>crypt()</code> encryption for passwords. This is not
      supported by the <program>httpd</program> server on Windows and
-    Netware and TPF.</dd>
+    Netware and TPF.  This algorithm limits the password length to 8
+    characters.  This algorithm is <strong>insecure</strong> by today's
+    standards.  It used to be the default algorithm until version 2.2.17.</dd>
  
      <dt><code>-s</code></dt>
      <dd>Use SHA encryption for passwords. Facilitates migration from/to Netscape
author	Stefan Fritsch <sf@apache.org>
	Sat, 6 Jul 2013 21:54:19 +0000 (21:54 +0000)
committer	Stefan Fritsch <sf@apache.org>
	Sat, 6 Jul 2013 21:54:19 +0000 (21:54 +0000)