Q&A: How are Passwords encrypted

Question

How are Passwords within UCS are encrypted?

Answer

Passwords are usually hashed and stored using SHA-512. The hashing method can be set via the UCR variable ‘password/hashing/method’.

root@ucs:~# ucr info password/hashing/method
password/hashing/method: SHA-512
 Selects the hash algorithm to use for saving passwords in the LDAP directory. Possible values are: "MD5": Less secure than the SHA methods, not recommended; "SHA-256": more secure than MD5; "SHA-512": more secure than MD5, recommended. (default if not or incorrectly set: "SHA-512", capitalisation is ignored).
 Categories: system-password