diff --git a/master.html b/master.html index 77961aa6..a8b08b18 100644 --- a/master.html +++ b/master.html @@ -359,20 +359,19 @@ file.

The secure way

The users file can be created and managed with htpasswd:

-
# Create a new htpasswd file with the user "user1"
-$ htpasswd -c /path/to/users user1
+
# Create a new htpasswd file with the user "user1" using SHA-512 as hash method
+$ htpasswd -5 -c /path/to/users user1
 New password:
 Re-type new password:
 # Add another user
-$ htpasswd /path/to/users user2
+$ htpasswd -5 /path/to/users user2
 New password:
 Re-type new password:

Authentication can be enabled with the following configuration:

[auth]
 type = htpasswd
 htpasswd_filename = /path/to/users
-# encryption method used in the htpasswd file
-htpasswd_encryption = md5
+htpasswd_encryption = autodetect
The simple but insecure way
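Review bot: In the [auth] example under "The secure way", `htpasswd_encryption = autodetect` selects the method per entry, so a users file built with the old `htpasswd -c` command would still be accepted with its existing entries; the added `-5` only affects entries created from now on. Suggest adding a sentence telling readers with an existing file to re-create each entry with `htpasswd -5`, or showing `htpasswd_encryption = sha512` here so the setting matches the commands above it. The removed comment line also leaves the setting unexplained; a replacement such as `# hash method is detected per entry` would help.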
@@ -777,7 +776,7 @@ line arguments.

[auth] type = htpasswd htpasswd_filename = ~/.config/radicale/users -htpasswd_encryption = md5 +htpasswd_encryption = autodetect [storage] filesystem_folder = ~/.var/lib/radicale/collections @@ -793,7 +792,7 @@ optional.

like:

python3 -m radicale --server-hosts 0.0.0.0:5232,[::]:5232 \
         --auth-type htpasswd --auth-htpasswd-filename ~/.config/radicale/users \
-        --auth-htpasswd-encryption md5
+ --auth-htpasswd-encryption autodetect

Add the argument --config "" to stop Radicale from loading the default configuration files. Run python3 -m radicale --help for more information.
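Review bot: The replacement line `+ --auth-htpasswd-encryption autodetect` has lost the eight-space indentation that the removed line shared with the `--auth-type` continuation line above it, so the third line of the command no longer lines up with the second. Restore the indentation so the continued command stays aligned and is easy to copy as one unit.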

@@ -901,14 +900,14 @@ user2:password2 stream cipher. It's very secure. The installation of bcrypt is required for this.

md5 : This uses an iterated MD5 digest of the password -with a salt.

+with a salt (nowadays insecure).

sha256 : This uses an iterated SHA-256 digest of the password with a salt.

sha512 : This uses an iterated SHA-512 digest of the password with a salt.

autodetect : This selects autodetection of method per entry.

-

Default: md5

+

Default: autodetect

delay
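Review bot: The `autodetect` entry, which becomes the default here, still only says it "selects autodetection of method per entry"; it does not list which methods are detected or say whether `md5` entries, marked "(nowadays insecure)" a few lines up, remain accepted. Suggest spelling that out in the `autodetect` description, and noting next to "Default: autodetect" that the default used to be `md5`, so operators who rely on the default know the behaviour changed.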