From bfa774d96430ed53d2cb31f2299732b135eaf71c Mon Sep 17 00:00:00 2001
From: Stefan Fritsch <sf@apache.org>
Date: Sat, 6 Jul 2013 21:54:19 +0000
Subject: [PATCH] Merge r1500323 (add note when default algorithm has been
 changed) and add warning about crypt alogrithm from 2.4 man page

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1500329 13f79535-47bb-0310-9956-ffa450edef68
---
 docs/manual/programs/htpasswd.xml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/docs/manual/programs/htpasswd.xml b/docs/manual/programs/htpasswd.xml
index d70f38e3275..35097870668 100644
--- a/docs/manual/programs/htpasswd.xml
+++ b/docs/manual/programs/htpasswd.xml
@@ -103,12 +103,15 @@ distribution.</seealso>
     one) is omitted. It cannot be combined with the <code>-c</code> option.</dd>
 
     <dt><code>-m</code></dt>
-    <dd>Use MD5 encryption for passwords. This is the default.</dd>
+    <dd>Use MD5 encryption for passwords. This is the default (since version
+    2.2.18).</dd>
 
     <dt><code>-d</code></dt>
     <dd>Use <code>crypt()</code> encryption for passwords. This is not
     supported by the <program>httpd</program> server on Windows and
-    Netware and TPF.</dd>
+    Netware and TPF.  This algorithm limits the password length to 8
+    characters.  This algorithm is <strong>insecure</strong> by today's
+    standards.  It used to be the default algorithm until version 2.2.17.</dd>
 
     <dt><code>-s</code></dt>
     <dd>Use SHA encryption for passwords. Facilitates migration from/to Netscape
-- 
2.47.2