I need to restrict some webpages to certain users and I do this using a .htpasswd file through nginx.
The problem is I need to add other people's bcrypt password hashes to my .htpasswd file. Would it be possible for them to generate it using htpasswd on their own machine (could be windows, mac, linux), and then give me the resulting hash? I would add this hash to the .htpasswd file.
The other problem is I think bcrypt uses salts to generate the hashes. If they generate a bcrypt hash on their own computer with their own salt, wouldn't this be a problem since the server wont' have that salt value? Conversely, if bcrypt doesn't use salts but if I want to use salts, how would I solve this problem?