The 7705 SAR supports two algorithms for user password hashing: bcrypt, which is the default algorithm, and PBKDF2. The PBKDF2 algorithm uses the SHA-2 and SHA-3 sets of cryptographic hash functions for password hashing.
A system administrator can change the default bcrypt password hashing algorithm to the PBKDF2 algorithm using the config>system>security>password>hashing command.
When the password hashing algorithm is changed to PBKDF2 SHA-2 or PBKDF2 SHA-3, users must change their passwords using the /password command to use the new hashing algorithm. The system administrator must then perform an admin>save command to store the new user passwords in the system configuration file.
After a password hashing change, any user logging in to the system who did not update their password to use the new hashing algorithm will be prompted to enter their old password the next time they log in. When the password is entered successfully, the user will be prompted to enter a new password that will be hashed using the new algorithm.