How do I hash a password with
Another command of
passwd, which hashes passwords. Here’s an example:
$ openssl passwd -salt 2y5i7sg24yui secretpassword Warning: truncating password to 8 characters 2yCjE1Rb9Udf6
This hashes the password “secretpassword” with the given salt. The hash algorithm used is crypt, a weak algorithm considered obsolete. Flags can change the hash algorithm (e.g.
-1 uses MD5), but there are no password hashes (e.g. bcrypt) in this list. This seems pretty shit.
Notice “truncating password to 8 characters”. This means that all passwords with the same eight character prefix will produce the same hash:
$ openssl passwd -salt 2y5i7sg24yui secretpasomethingelse Warning: truncating password to 8 characters 2yCjE1Rb9Udf6
This is a behavior of the crypt algorithm. I can’t find any good reason for it on the web. Again, it seems pretty shit.
I wrote this because I'm learning SSL by working through the CLI tool commands. This post is not associated with my employer. This site is hosted by Netlify (who are great, but I'm not associated with them either).