Password HashingΒΆ
sha512
sha512
sha512
sha512
yescrypt
yescrypt
The system password used for logging into Ubuntu is stored in /etc/shadow
.
Historically, very old-style password hashes were based on DES and visible in /etc/passwd
. Modern Linux has long since moved to /etc/shadow
and used salted MD5-based hashes (crypt id 1) for password verification. Since MD5 is considered weak, Ubuntu 8.10 and later proactively moved to using salted SHA-512-based password hashes (crypt id 6), which are significantly harder to brute-force.
Ubuntu 22.04 LTS and later switched to yescrypt
to provide increased protection against offline password cracking.
For more details, see the crypt manpage.
Regression tests: test-glibc-security.py.