How do I hash a password with openssl?

Another command of openssl is passwd, which hashes passwords. Here’s an example:

$ openssl passwd -salt 2y5i7sg24yui secretpassword
Warning: truncating password to 8 characters

This hashes the password “secretpassword” with the given salt. The hash algorithm used is crypt, a weak algorithm considered obsolete. Flags can change the hash algorithm (e.g. -1 uses MD5), but there are no password hashes (e.g. bcrypt) in this list. This seems pretty shit.

Notice “truncating password to 8 characters”. This means that all passwords with the same eight character prefix will produce the same hash:

$ openssl passwd -salt 2y5i7sg24yui secretpasomethingelse
Warning: truncating password to 8 characters

This is a behavior of the crypt algorithm. I can’t find any good reason for it on the web. Again, it seems pretty shit.

Tagged #password-hashing, #openssl, #tls, #security, #cryptography, #c, #programming.

Similar posts

More by Jim

Want to build a fantastic product using LLMs? I work at Granola where we're building the future IDE for knowledge work. Come and work with us! Read more or get in touch!

This page copyright James Fisher 2017. Content is not associated with my employer. Found an error? Edit this page.