Generate salted password with OpenSSL example

Problem :

You need to generate a salted MD5 password string for new users registration. For example, you are IT administrator that responsible for creating new user account for new employees. Or you are a blog owner and you want to create a new account for additional authors to use your blog. Most of the time, you will need to store the salted MD5 password string and salt in separately fields in a table. How to generate salt and password?

Solutions :

1. Generate passwords with online tools. You can search for keywords such as password generators. However, most of these online tools do not provide the salt string separately from the password.

2. Use openssl to generate salted password.

Executing

>openssl passwd -1 'new_password'

will produce :

$1$41vJBlpE$3J.9yvly.VCxelQpCaS3e.

Where 41vJBlpE is the salt and 3J.9yvly.VCxelQpCaS3e. is the password. The salt is always located in the second $...$ block.

Bear in mind that the password will be different each time openssl generates new password. This is because of the random salt used to salt the password.

If you want to have consistent password generation, you can choose to use a fix salt for the password generation. Not recommended, but if you have valid reason to do so, you can use this command :

>openssl passwd -salt "*e#12bh1X" -1 'new_password'

and no matter how many times you generate the new passwords with the same salt and password, you will get the same MD5 salted password

$1$*e#12bh1$ECq2E2MqDIp2PUoqB1hld.

Reference :

https://www.openssl.org/docs/manmaster/apps/passwd.html