When setting user passwords, some default values are applied. Some of these values are read from the configuration file /etc/default/passwd. This file works the same way as the login.defs file: variables are used to set defaults for given parameters. Only one variable is of interest, but it is an important variable because it specifies the encryption algorithm that should be used. The CRYPT variable is used for this purpose. The default value is des. As an alternative, you can use md5 and blowfish. The advantage of des is its compatibility. For more options, use blowfish. This is, for example, the only algorithm that allows you to use passwords longer than eight characters. The md5 algorithm should be used only as a last resort, because it is rather unsecure.
Was this article helpful?