The one place for your designs
To enable design management, you'll need to meet the requirements. If you need help, reach out to our support team for assistance.
Improve Icecast htpasswd hash storage security
Currently Icecast uses unsalted md5 hashes of passwords. Once an attacker obtains access to those the risk is high that simple passwords will be broken by simple md5 look-up through web search.
We should move to using bcrypt, as it's license permits us to incorporate it, also it should allow us to be compatible with the standard htpasswd(1) manipulation tool.
In the meanwhile using forwarded http authentication potentially offers higher security by deferring authentication to another http server.