yescrypt is a cryptographic key derivation function used for password hashing on Fedora Linux,1 Debian,2 Ubuntu,3 and Arch Linux.4 The function is more resistant to offline password-cracking attacks than SHA-512.5 It is based on scrypt.5
It was designed by Alexander Peslyak, also known as Solar Designer, to be highly resistant to hardware-accelerated brute-force attacks. It features enhanced memory-hardness and "strongly sequential" processing, which reduces the threat of large-scale cracking attempts using GPUs, FPGAs, and ASICs. Attacks that rely on parallelization are made more resource-intensive by yescrypt requiring a substantial amount of RAM to compute a single hash. These security benefits and its scalability have led to its adoption as the default password-hashing scheme for several major Linux distributions, where it is identifiable in the /etc/shadow file by the $y$ prefix.
References
References
- "Changes/yescrypt as default hashing method for shadow". Retrieved 2023-10-10.
- "Chapter 5. Issues to be aware of for bullseye". Retrieved 2023-10-12.
- "yescript replaces sha512 for password hashing". Retrieved 2023-10-12.
- "Arch Linux - Changes to default password hashing algorithm and umask settings". Retrieved 2023-10-10.
- "yescrypt". Retrieved 2023-10-10.