To use a different algorithm for password encryption, edit the /etc/security/policy.conf file. By default, user passwords are encrypted with the crypt_sha256 algorithm. The algorithm is represented by the identifier 5 assigned to the CRYPT_DEFAULT parameter in the file. To switch to another algorithm, assign a different identifier. For a list of password encryption algorithms and their corresponding identifiers, see Table 1–1.
Note that the new algorithm applies only to password encryption for new users. For existing users, the previous algorithm remains operative if it remains defined in the CRYPT_ALGORITHMS_ALLOW parameter and is not unix. To see how encryption is implemented in this case, see Algorithms Configuration in the policy.conf File. To include existing users under the new password encryption algorithm, remove the previous algorithm from the CRYPT_ALGORITHMS_ALLOW parameter as well.
For more information about configuring the algorithm choices, see the policy.conf (4) man page.