Since we’re not going to implement encryption and I don’t want to add more dependencies to the default install, I think we have to use SHA512.
@Jamie, we probably should allow specifying more rounds, though (5000 is the default, which is insufficient today…OWASP recommends 210000 for SHA512), if we don’t already. I do this for passwords on some embedded device I work on in my day job:
Thanks for the reply.
So what type of encryption should I set so I can can change password through virtualmin? Setting to SHA512 still throws an error. Should I restart webmin after changing encryption?
… Administration user failed! : virtualmin-htpasswd::mailbox_modify failed : Your system has yescrypt passwords enabled, but the crypt function does not support this format. To force the use of normal encrypted passwords, adjust your module configuration.