Does this work with Nginx?

This tool generates Apache .htaccess/.htpasswd format. Nginx requires different configuration.

Which hash method is recommended?

bcrypt is the most secure. Use MD5 if you need compatibility with Apache < 2.4.

Can I add multiple users?

Yes, add multiple lines to the .htpasswd file for each user.

Basic Authentication Header Generator

Overview How to Use Glossary FAQ Use Cases

Note: The syntax and available characters for .htaccess and .htpasswd files may vary depending on your environment. If it doesn't work, please check the actual conditions of your environment.

Auth Name (Title displayed on the authentication screen):
Auth User File (Path to the .htpasswd file):

Username:
Password:

What is Basic Authentication?

Basic authentication is a simple security measure that requires users to enter a username and password before accessing a website or specific page. By setting up basic authentication, only authenticated users can access the content. This tool allows you to easily create the .htaccess and .htpasswd files needed for implementing basic authentication.

The Role of .htaccess and .htpasswd Files

To implement basic authentication, you need to create two files: .htaccess and .htpasswd.

.htaccess File:: Instructs the web server to apply basic authentication to a specific directory. It also specifies the location of the .htpasswd file that stores user credentials.
.htpasswd File:: Stores the usernames and their associated passwords (usually encrypted) used for authentication. For security, it is recommended to place this file outside the public directory.

Benefits of Basic Authentication

Simple Structure:: No special programming or database is required; it can be implemented with just the .htaccess and .htpasswd files.
Protection of Private Content:: Helps protect non-public content and admin pages from general users.

Considerations for Basic Authentication

It is strongly recommended to use basic authentication over SSL/TLS (HTTPS). This is because usernames and passwords are sent in plain text, posing a risk of interception in unencrypted communication.

An online tool to generate .htaccess and .htpasswd code for Basic Authentication. Enter a username and password to generate the required configuration.

Supports multiple password hashing algorithms (bcrypt, MD5, SHA-1) for secure authentication setup.

All processing is done in your browser. No credentials are sent to any server.

Enter credentials

Type a username and password for the authentication.

Select hash method

Choose bcrypt, MD5, or SHA-1 for password hashing.

Copy and deploy

Copy the .htaccess and .htpasswd code and place them on your server.

Basic Authentication: An HTTP authentication method that restricts access using username and password.
.htaccess: Apache web server configuration file used to set up Basic Auth.
.htpasswd: File that stores usernames and hashed passwords for Basic Auth.
bcrypt: The most secure password hashing algorithm. Supported in Apache 2.4+.
Digest Authentication: A more secure alternative to Basic Auth where passwords are hashed before transmission.

Q. Does this work with Nginx?: A. This tool generates Apache .htaccess/.htpasswd format. Nginx requires different configuration.
Q. Which hash method is recommended?: A. bcrypt is the most secure. Use MD5 if you need compatibility with Apache < 2.4.
Q. Can I add multiple users?: A. Yes, add multiple lines to the .htpasswd file for each user.
Q. Is my data sent to a server?: A. No. All processing is done in your browser.
Q. Can I use this on mobile?: A. Yes, the tool is fully responsive.

🔒

Development Protection

Password-protect staging sites to prevent public access.

🛡️

Admin Panel Security

Add Basic Auth to /wp-admin/ for double security.

🖥️

Staging Protection

Restrict access to staging environments.

🏢

Internal Tools

Protect internal company tools from unauthorized access.