Switching from plain-text to hashed passwords on production server

**Operating system:Debian 10
**OS version:6.14

I have existing server with few domains and multiple users and databases.Passwords are stored as plain texts currently but I would like to use only hashed passwords from now on.

Is it OK if I use “Re-Run Install Wizard” and set it to store only hashed passwords? What will happen to my existing passwords, will they be left untouched?



I believe like most settings, when you change this it will only take effect for “new” virtual servers not existing ones. If you change the password for a virtual server after making the setting change, it may apply the new policy to that virtual server.

Perhaps @Joe can chime in when he has a moment to clarify.

Oh, and you don’t have to re-run the setup wizard to make this change. You can go into

Virtualmin > System Settings >  Server Templates > Default Settings

Then navigate to

Administration User

You’ll see the option there listed under

Store clear text passwords?

Hope this helps, and if my suggestion above works, feel free to clarify here.

*** You’ll know a virtual server is using a “hashed password” if, when you go to “Edit Virtual Server” page you can no longer preview the password under “Configurable Settings > Administration Password” ***

Best Regards,
Peter Knowles | TPN Solutions

@tpnsolutiosn thanks,

That’s exactly what happened - existing virtual servers are intact and have plain text passwords while the ones created afterwards have hashed passwords.

For reference,

I can also confirm that “manual” method described in this comment on old post can still be used to set existing servers to use hashed passwords.

Only except that the line with hashpass field is already in the file, just set it to 1.

1 Like

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.