From b9bb46815d6ed9c88be977704c1b2fc04ae64d1c Mon Sep 17 00:00:00 2001
From: Unrud <unrud@openaliasbox.org>
Date: Mon, 29 May 2017 02:04:36 +0200
Subject: [PATCH] Add instructions for plain htpasswd to Basic Setup

---
 setup.md | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/setup.md b/setup.md
index 3480a259..a692b8a6 100644
--- a/setup.md
+++ b/setup.md
@@ -29,7 +29,9 @@ If the server is reachable over a network, you should change this.
 First a `users` file with all user names and passwords must be created.
 It can be stored in the same directory as the configuration file.
 
-The file can be created and managed with
+### The secure way
+
+The `users` file can be created and managed with
 [htpasswd](https://httpd.apache.org/docs/current/programs/htpasswd.html):
 ```shell
 # Create a new htpasswd file with the user "user1"
@@ -57,6 +59,25 @@ htpasswd_filename = /path/to/users
 htpasswd_encryption = bcrypt
 ```
 
+### The simple but insecure way
+
+Create the `users` file by hand with lines containing the user name and
+password separated by `:`. Example:
+
+```
+user1:password1
+user2:password2
+```
+
+Authentication can be enabled with the following configuration:
+```ini
+[auth]
+type = htpasswd
+htpasswd_filename = /path/to/users
+# encryption method used in the htpasswd file
+htpasswd_encryption = plain
+```
+
 ## Addresses
 
 The default configuration binds the server to localhost. It can't be reached