I usually use long passwords for my machines, but I heard that it's possible to increase the number of hashing rounds and get the same security with a shorter one. How would I make my system use more rounds when hashing the password?
Asked
Active
Viewed 7,949 times
1 Answers
7
The number of rounds can be set by modifying the file /etc/pam.d/common-password. The relevant line is the one containing the pam_unix.so module. Add rounds=<n> at the end of the line to use <n> rounds for subsequent password changes.
Verify the setting by adding a user, e.g., by doing adduser test1. After adding the user, the /etc/shadow file should contain a line starting with test1:$6$rounds=<n>$.... Don't forget to delete the test user afterwards (deluser test1).
If everything looks good, change the passwords for all relevant users to apply the increased number of rounds to their hashes.
More information on pam_unix parameters can be found in the man page (man pam_unix).
Marian Rainer-Harbach
- 486
- 1
- 3
- 10