Simplified:
You enter a password, the system checks it against the stored hash using the defined hash algo.
Most of them come with a "cpu time cost" parameter.
yescrypt f.e. offers level 1 to 11.
If you enter a password it will check it against the hash using level 1. If the hashes
/1
match (and therefore the password is confirmed) the procedure ends. If not it's checked using level 2. Match -> exit, not matching level 3.... this goes until level 11.
If the password hash and the save hash still not match authentification will fail.
Will show the prefix for the methods used for the users password hashing (but not CPU Time cost parameter, the authentification has to perform trial and error)
Comments
You enter a password, the system checks it against the stored hash using the defined hash algo.
Most of them come with a "cpu time cost" parameter.
yescrypt f.e. offers level 1 to 11.
If you enter a password it will check it against the hash using level 1. If the hashes
/1
If the password hash and the save hash still not match authentification will fail.
https://manpages.debian.org/unstable/libcrypt-dev/crypt.5.en.html
sudo grep '\$' /etc/shadow
Will show the prefix for the methods used for the users password hashing (but not CPU Time cost parameter, the authentification has to perform trial and error)