PHPackages zonuexe/apr1-md5 - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. zonuexe/apr1-md5 ActiveLibrary zonuexe/apr1-md5 ================ Apache's APR1-MD5 algorithm in pure PHP 2.0.0(3y ago)04MITPHPPHP >=7.3 Since Dec 21Pushed 3y agoCompare [ Source](https://github.com/zonuexe/apr1-md5)[ Packagist](https://packagist.org/packages/zonuexe/apr1-md5)[ Docs](https://github.com/whitehat101/apr1-md5)[ RSS](/packages/zonuexe-apr1-md5/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (1)Dependencies (2)Versions (2)Used By (0) Apache's APR1 MD5 Hashing Algorithm in PHP ========================================== [](#apaches-apr1-md5-hashing-algorithm-in-php) [![Build Status](https://camo.githubusercontent.com/0f342c2dbbb4af0e2632a898fba5603d8d2656ab5b0d9b24f0f3f5ce9c4005c3/68747470733a2f2f7472617669732d63692e6f72672f77686974656861743130312f617072312d6d64352e737667)](https://travis-ci.org/whitehat101/apr1-md5) There is no way that the best way to generate Apache's apr1-md5 password hashes is from a [7-year-old comment on php.net](http://www.php.net/manual/en/function.crypt.php#73619). Only a n00b would trust a crypto algorithm from a non-security website's forum. Sadly, that is how the PHP community has accessed this algorithm, until now. Here is a tested, referenced, documented, and packaged implementation of Apache's APR1 MD5 Hashing Algorithm in pure PHP. Install ------- [](#install) composer.json: ``` { "require": { "zonuexe/apr1-md5": "~1.0" } } ``` Use --- [](#use) ``` use zonuexe\Apr1md5; // Check plaintext password against an APR1-MD5 hash echo Apr1md5::check('plaintext', '$apr1$PVWlTz/5$SNkIVyogockgH65nMLn.W1'); // Hash a password with a known salt echo Apr1md5::hash('PASSWORD', '__SALT__'); // Hash a password with a secure random salt echo Apr1md5::hash('PASSWORD'); // Generate a secure random salt echo Apr1md5::salt(); ``` The ideal `__SALT__` is an 8 character string. Valid salts are alphanumeric and `.` or `/`. Shorter salts are allowed. Longer salts are truncated after the 8th character. Generate Hashes via Other Tools ------------------------------- [](#generate-hashes-via-other-tools) ### htpasswd [](#htpasswd) ``` $ htpasswd -nmb apache apache apache:$apr1$rOioh4Wh$bVD3DRwksETubcpEH90ww0 $ htpasswd -nmb ChangeMe1 ChangeMe1 ChangeMe1:$apr1$PVWlTz/5$SNkIVyogockgH65nMLn.W1 $ htpasswd -nmb WhiteHat101 WhiteHat101 WhiteHat101:$apr1$HIcWIbgX$G9YqNkCVGlFAN63bClpoT/ ``` ### openssl [](#openssl) ``` $ openssl passwd -apr1 -salt rOioh4Wh apache $apr1$rOioh4Wh$bVD3DRwksETubcpEH90ww0 $ openssl passwd -apr1 -salt PVWlTz/5 ChangeMe1 $apr1$PVWlTz/5$SNkIVyogockgH65nMLn.W1 $ openssl passwd -apr1 -salt HIcWIbgX WhiteHat101 $apr1$HIcWIbgX$G9YqNkCVGlFAN63bClpoT/ ``` Testing ------- [](#testing) ``` composer install vendor/bin/phpunit ``` ### Health Score 19 — LowBetter than 10% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity3 Limited adoption so far Community8 Small or concentrated contributor base Maturity40 Maturing project, gaining track record Bus Factor1 Top contributor holds 83.3% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 1237d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/e1cc4bc1729b858086681a12494fda6cced8f26db3d0928ae4d81c68ddf8dc06?d=identicon)[zonuexe](/maintainers/zonuexe) --- Top Contributors [![whitehat101](https://avatars.githubusercontent.com/u/1093593?v=4)](https://github.com/whitehat101 "whitehat101 (10 commits)")[![zonuexe](https://avatars.githubusercontent.com/u/822086?v=4)](https://github.com/zonuexe "zonuexe (2 commits)") --- Tags MD5apr1 ### Code Quality TestsPHPUnit Static AnalysisPHPStan Type Coverage Yes ### Embed Badge ![Health badge](/badges/zonuexe-apr1-md5/health.svg) ``` [![Health](https://phpackages.com/badges/zonuexe-apr1-md5/health.svg)](https://phpackages.com/packages/zonuexe-apr1-md5) ``` ### Alternatives [whitehat101/apr1-md5 Apache's APR1-MD5 algorithm in pure PHP 349.7M10](/packages/whitehat101-apr1-md5)[poly-crypto/poly-crypto High-level cryptographic functions that are interoperable between NodeJS and PHP 7.1+ 127.8k1](/packages/poly-crypto-poly-crypto) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)