PDA

View Full Version : .htaccess Password case sensitivity



BillTheBuilder
01-06-2012, 02:15 PM
1) Script Title:
.htaccess Password Generator

2) Script URL (on DD):
http://tools.dynamicdrive.com/password/

3) Describe problem:
I would like to set the same password but without case sensitivity to make it easier to logging. I have tried using the same user name and different passwords with different cases, but could not get it to work. I am sure I am just missing something that is simple for someone else.

For the record .htaccess Password Generator is awesome and I am very happy to have found this site.

Bill

traq
01-06-2012, 04:24 PM
that's not something the generator can do. Apache reads the password case-sensitively.

Making your password case-insensitive dramatically reduces its effectiveness anyway (that's why no halfway-decent login is case-insensitive) - if you want to make it easier to log in, you should simply stop using a password.

djr33
01-07-2012, 06:30 AM
Or use only numbers. If you just, for whatever reason, want a "simple" password, then you can use numbers and those won't ever change. Not that I'd recommend it if your goal is keeping people out.

BillTheBuilder
01-13-2012, 08:32 PM
Thanks for the replies.

The site I am working with is a very low security site with a single password for everyone. I am not sure if I can post links here or if that is spammy, but the site is a retreat site and the password page is more for those planning it and events.

If I could have just a password and no username on that one, I would even do that.

I agree with the security issue. I have one account that has upper/lower case, with number and symbols to use. But given what it is for makes sense.

Overall, I think the generator is great and was only trying to tweak it to better serve what I was trying to do for that particular site.

Thanks again

djr33
01-13-2012, 11:48 PM
Posting a link to give us information about a question is fine. But in this case I don't think it's needed-- it sounds like this is mostly resolved, since the format just doesn't allow for a case-insensitive password. Of course there are other ways to have passwords, such as using PHP. And with that you could even skip the username if you want. But it would be a little harder to set up.