Password Hashes

With all of the hashing algorithms out there, I was curious as to how different operating systems hashed passwords and what I found was interesting. If you're new to cryptography, here are some phrases you may not know:
[MD5, SHA1, Salt, PBKDF2, SHA256, SHA512, Key Strengthening/Key Stretching, Psuedorandom Function]

Arch Linux

Starting in alphabetical order, there's Arch. I found a reference to MD5 and SHA512 on the Arch wiki page for SHA password hashes.
The page goes on to say "If your current password was created with shadow version prior to (2011-11-26) you are using MD5. To start using a SHA-512 hash you just need to change your password with passwd." There's also more about key strengthening with multiple rounds which is something I'd recommend reading. There's a good chance that up-to-date Arch systems are using SHA-512. If you run an Arch system and would like to check, run cat /etc/shadow as root and if any user's password starts with $1$ it's MD5, whereas $6$ will be SHA-512.

Debian Linux

With Debian, the Securing Debian Manual's section - Password security in PAM, it states that since Debian Squeeze (6.0) SHA-512 is default. Seeing as the current stable is Stretch (9.0), you've probably got SHA-512 protecting your password(s). You can always run cat /etc/shadow as root and verify just like with Arch above!


The Django docs has a page called Password management in Django and the How Django stores passwords section within states "By default, Django uses the PBKDF2 algorithm with a SHA256 hash".


Joomla employs a far weaker hash as stated within the doc page How do you recover or reset your admin password? as it says MD5 with a salt is used. Had to dig a little deeper to find out how long the default salt actually is. Luckily, came across the release notes for Joomla 1.0.13 and within the Improved Password Storage System section it reads "Joomla! 1.0.13 now features salted hashes which will automatically pad a password string with 16 randomly generated characters". So this is actually far better than just MD5 by itself.


The on disk-format LUKS standard (PDF) goes into detail with "LUKS uses SHA1 per default as the pseudorandom function (PRF) but any other hash function can be put in place by setting the hash-spec field." That hash-spec field is actually pretty important, seeing as certain distros change this. Debian and Ubuntu for example will set this default to SHA-256. You can verify what your distro is using by running cryptsetup luksDump /dev/your_luks_partition and checking for Hash spec.


Running the command sudo defaults read /var/db/dslocal/nodes/Default/users/USERNAME.plist ShadowHashData|tr -dc 0-9a-f|xxd -r -p|plutil -convert xml1 - -o - (replacing USERNAME with your username) will give a nice XML file. Within that file it reads SALTED-SHA512-PBKDF2 which is the strongest we've seen so far within this list! This question on StackOverflow helped answer this.

Red Hat Enterprise Linux

The RHEL 6 Security Guide's second chapter "Securing Your Network" has a section called 2.1.3. Password Security which states that the default is SHA512, as well as shadow passwords. SHA512 appears to be the standard in the Linux world.

Windows 10

The man behind Mimikatz Benjamin Delphy posted on Twitter in regards to the Anniversary Update (1607). Since this update, the MD4 hash used for passwords is encrypted with AES128. - This StackExchange post certainly helped with research!


This one's a doozy. So, the WordPress Codex section titled Resetting Your Password references the old style which is a single round of MD5. The reference page for the wp_hash_password functiongoes on about the new style which is 8 rounds of MD5. That's not all though.. There's the wp_check_password function which says that if you're using the old style, it'll switch to the new style. wp_hash_password's description details it:

Unless the global $wp_hasher is set, the default implementation uses PasswordHash,
which adds salt to the password and hashes it with 8 passes of MD5.
MD5 is used by default because it's supported on all platforms.
You can configure PasswordHash to use Blowfish or extended DES (if available)
instead of MD5 with the $portable_hashes constructor argument or property

You can even configure PasswordHash to use extended DES instead of MD5!

Questions/Comments/Issues? Feel free to contact me using the methods below.