Provided by: passwd_4.1.4.2+svn3283-3ubuntu5_i386 bug


       The following configuration variables in /etc/login.defs change the
       behavior of this tool:

           When ENCRYPT_METHOD is set to SHA256 or SHA512, this defines the
           number of SHA rounds used by the encryption algorithm by default
           (when the number of rounds is not specified on the command line).

           With a lot of rounds, it is more difficult to brute forcing the
           password. But note also that more CPU resources will be needed to
           authenticate users.

           If not specified, the libc will choose the default number of rounds

           The values must be inside the 1000-999999999 range.

           If only one of the SHA_CRYPT_MIN_ROUNDS or SHA_CRYPT_MAX_ROUNDS
           values is set, then this value will be used.

           If SHA_CRYPT_MIN_ROUNDS > SHA_CRYPT_MAX_ROUNDS, the highest value
           will be used.

           Note: This only affect the generation of group passwords. The
           generation of user passwords is done by PAM and subject to the PAM
           configuration. It is recommended to set this variable consistently
           with the PAM configuration.




           PAM configuration for chpasswd.

       passwd(1), newusers(8), login.defs(5), useradd(8).

                                  04/09/2012                       chpasswd(8)