If you are a learn-by-doing type, you can confirm for yourself that both htpasswd and Perl's crypt() are doing the same thing. Use htpasswd and then look at the resulting encrypted password. Then at the command line, paste that encrypted word as the seed into the following line (substituting your own values for "PassWord" and "htpasswdCrypted"): perl -e 'print crypt("PassWord", "htpasswdCrypted"), "\n"' Then chop off the first two characters of the encrypted password and do it again: perl -e 'print crypt("PassWord", "ht"), "\n"' In both cases, Perl should spit back the same encryption you obtained with htpasswd. Given a seed, crypt() uses the first two characters (ignoring the rest) and does its magic -- giving back the seed as the first two characters again so that the encrypted password carries its own seed.

You may need this capability later to authenticate a specific password if you are doing this under program control. On the other hand, Apache chooses a random seed for you and then later handles the authentication itself. No need to ask Apache to confirm a password from a given seed.

See crypt.