Tag Archives: md5

Switching from MD5 to Blowfish/SHA512 password hashes in FreeBSD

By default, FreeBSD uses MD5 hashes for its encrypted passwords for users (SHA512 for FreeBSD 9.1+).  However, blowfish is available in all recent versions of FreeBSD and it’s really easy to change the default…

edit the file /etc/login.conf and change the following line:


To read the following:


Then rebuild the login database with the following command:

cap_mkdb /etc/login.conf

Now all passwords you change or set when adding a user will be encrypted using blowfish.  You can change your current password with passwd and when changed, your password will be blowfish encrypted.

If your system uses MD5, it’s preferrable to change over to Blowfish as it’s more secure… However, if your system supports SHA512 you should prefer this (passwd_format=sha512) – except for very few situations. (SHA512 is supported in FreeBSD 9.1+ only)

DirectAdmin requires the system to use md5 not blowfish or sha512, otherwise you will never be able to login to your DA web console.