1

I run Apache on Ubuntu and use basic HTTP authentication.

I have a htpasswd file and there is a user named scott with the password of tiger. However I changed the password to tiger1.

Now I can login using both tiger and tiger1. Even though I can see that there is only one line in the htpasswd file and the encrypted password has been changed after I changed the password.

What is the problem and how can I cope with it?

noway
  • 311
  • 2
  • 4
  • 1
    How did you change the password? And what does your htpasswd file look like? Did you restart Apache afterwards? – webtoe Mar 28 '12 at 15:17
  • password created with htpasswd command. In the file, there is only one line, it says scott:somehashinfo. Yes, I restarted for several times. – noway Apr 02 '12 at 08:02

1 Answers1

0

Check you .htaccess file and confirm the location of the htpasswd file .. maybe you are using 2 different files

sikas
  • 126
  • 7