basic auth not working 100%

Boris Dolgov boris at
Wed Apr 7 20:07:04 MSD 2010

On Wed, Apr 7, 2010 at 7:33 PM, AMP Admin <admin at> wrote:
> On one of my boxes I noticed that if the password is only half the string it
> will authenticate.
> Should be:
> Username: tester
> Pass: ThisPassword1234#&^
> But the following authenticates:
> Username: tester
> Pass: ThisPassword
> Can anyone confirm this behavior?

ThisPass will also authenticate - crypt() uses only first 8 symbols of
the password.

Boris Dolgov.

More information about the nginx mailing list