Does any have any suggestions on the best way to manage users and passwords in the .htpasswd file using PHP?
The Dreamhost generated file uses a salted hash (I think) but I can still authenticate users whose passwords are stored in plain text in the same file.
Is there a particular hashing method I should use, or is the fact that I moved the .htpasswd file to a folder outside of the web-facing directory sufficient enough to warrant using plain text passwords?
EDIT: Having looked at my htpasswd file again, the demo user I added to test with already existed further up, so my being able to login was an error on my part.
How do I correctly encrypt passwords so that the server will authenticate them?