Impress your friends with your /etc/shadow knowledge!

This website helps you figure out the password format from /etc/shadow files

All shadow hash formats (MCF / PHC string format)

Scheme Prefix
  (no prefix) des_crypt
_ bsdi_crypt
$1$ md5_crypt
$2$ bcrypt (original version)
$2a$ bcrypt (first rev)
$2x$ crypt_blowfish-specific (bugged)
$2y$ crypt_blowfish-specific (fixed)
$2b$ bcrypt (second rev, post 2014)
$3$ bsd_nthash
$5$ sha256_crypt
$6$ sha512_crypt
$md5$ sun_md5_crypt
$md5, sun_md5_crypt
$sha1$ sha1_crypt
$apr1$ apr_md5_crypt
$argon2i$ argon2
$argon2d$ argon2
$argon2id$ argon2
$bcrypt-sha256$ bcrypt_sha256
$P$ phpass (WordPress, Joomla)
$H$ phpass (phpBB)
$pbkdf2$ pbkdf2_sha1
$pbkdf2-sha256$ pbkdf2_sha256
$pbkdf2-sha512$ pbkdf2_sha512
$p5k2$ (ending with =) cta_pbkdf2_sha1
$p5k2$ (not ending with =) dlitz_pbkdf2_sha1
$scrypt$ scrypt


Because I can't remember every MCF hash format and I don't want to search in the PassLib/shadow/hashcat documentation everytime. I'm lazy.

Why should I submit my passwords?
You don't need to. It's just easier to do so. You can look up the format manually.

But what if you are logging them?
I'm not logging them.
Even if I were, if your passwords are strong enought I couldn't crack them, otherwise you should feel ashamed.

Buut why don't you make a client-side app?
I hate Javascript.

Buuut can I see the source code?
For sure, it's on Github


Why you don't support *insert hash*?
This website only supports hash format for common /etc/shadow hashes, if you want to analyze a generic hash you can use CyberChef Analyze Hash.

Tell me more about the Modular Crypt Format and other Hash format
The MCF is a de-facto standard defined by the PassLib developers trying to standardize the /etc/shadow hash format across *nix distributions
A newer standardization attempt is the PHC string format defined for the Password Hashing Competition in 2016.
You can read more at the following links: