How do I hash a password with
Another command of
passwd, which hashes passwords. Here’s an example:
$ openssl passwd -salt 2y5i7sg24yui secretpassword Warning: truncating password to 8 characters 2yCjE1Rb9Udf6
This hashes the password “secretpassword” with the given salt. The hash algorithm used is crypt, a weak algorithm considered obsolete. Flags can change the hash algorithm (e.g.
-1 uses MD5), but there are no password hashes (e.g. bcrypt) in this list. This seems pretty shit.
Notice “truncating password to 8 characters”. This means that all passwords with the same eight character prefix will produce the same hash:
$ openssl passwd -salt 2y5i7sg24yui secretpasomethingelse Warning: truncating password to 8 characters 2yCjE1Rb9Udf6
This is a behavior of the crypt algorithm. I can’t find any good reason for it on the web. Again, it seems pretty shit.
More by Jim
- The inception bar: a new phishing method
- The hacker hype cycle
- Project C-43: the lost origins of asymmetric crypto
- How Hacker News stays interesting
- My parents are Flat-Earthers
- The dots do matter: how to scam a Gmail user
- The sorry state of OpenSSL usability
- I hate telephones
- The Three Ts of Time, Thought and Typing: measuring cost on the web
- Granddad died today
- Your syntax highlighter is wrong
Tagged . All content copyright James Fisher 2017. This post is not associated with my employer. Found an error? Edit this page.