How do I hash a password with openssl?

Another command of openssl is passwd, which hashes passwords. Here’s an example:

$ openssl passwd -salt 2y5i7sg24yui secretpassword
Warning: truncating password to 8 characters
2yCjE1Rb9Udf6

This hashes the password “secretpassword” with the given salt. The hash algorithm used is crypt, a weak algorithm considered obsolete. Flags can change the hash algorithm (e.g. -1 uses MD5), but there are no password hashes (e.g. bcrypt) in this list. This seems pretty shit.

Notice “truncating password to 8 characters”. This means that all passwords with the same eight character prefix will produce the same hash:

$ openssl passwd -salt 2y5i7sg24yui secretpasomethingelse
Warning: truncating password to 8 characters
2yCjE1Rb9Udf6

This is a behavior of the crypt algorithm. I can’t find any good reason for it on the web. Again, it seems pretty shit.

I just released Vidrio, a free app for macOS and Windows to make your screen-sharing awesomely holographic. Vidrio shows your webcam video on your screen, just like a mirror. Then you just share or record your screen with Zoom, QuickTime, or any other app. Vidrio makes your presentations effortlessly engaging, showing your gestures, gazes, and expressions. #1 on Product Hunt. Available for macOS and Windows.

With Vidrio

With generic competitor

More by Jim

Tagged . All content copyright James Fisher 2017. This post is not associated with my employer. Found an error? Edit this page.