Remove unsecure methods from htpasswd and make md5 default

2020-01-19 18:26:14 +01:00
parent 0a5fd94577
commit 6108d8d759
6 changed files with 21 additions and 98 deletions
--- a/8
+++ b/8
@ -68,11 +68,9 @@
 #htpasswd_filename = /etc/radicale/users

 # Htpasswd encryption method
-# Value: plain | sha1 | ssha | crypt | bcrypt | md5
-# Only bcrypt can be considered secure.
-# bcrypt requires the passlib[bcrypt] module and md5 requires
-# the passlib module.
-#htpasswd_encryption = bcrypt
+# Value: plain | bcrypt | md5
+# bcrypt requires the passlib[bcrypt] module.
+#htpasswd_encryption = md5

 # Incorrect authentication delay (seconds)
 #delay = 1