dmorison - 8:38 pm on Nov 19, 2003 (gmt 0)

they decrypt the .htaccess/.htpasswd files?

Just to clear things up on the subject of .htpasswd; remember that you cannot "decrypt" entries in .htpasswd since they are only one-way hash values, not encrypted passwords.

Instead; as EliteWeb is referring to, "hackers" (or more correctly "crackers") perform a dictionary attack on entries in .htpasswd by comparing the hashed values of thousands of known passwords with those in your .htpasswd file.