MD5 md5($pass.$salt) md5($salt.$pass) md5(utf16le($pass).$salt) md5($salt.utf16le($pass)) HMAC-MD5 (key = $pass) HMAC-MD5 (key = $salt) SHA1 sha1($pass.$salt) sha1($salt.$pass) sha1(utf16le($pass).$salt) sha1($salt.utf16le($pass)) HMAC-SHA1 (key = $pass) HMAC-SHA1 (key = $salt) MySQL323 MySQL4.1/MySQL5 phpass, WordPress (MD5), Joomla (MD5) phpass, phpBB3 (MD5) md5crypt, MD5 (Unix), Cisco-IOS $1$ (MD5) 2 Juniper IVE BLAKE2b-512 MD4 NTLM Domain Cached Credentials (DCC), MS Cache SHA-224 SHA-256 sha256($pass.$salt) sha256($salt.$pass) sha256(utf16le($pass).$salt) sha256($salt.utf16le($pass)) HMAC-SHA256 (key = $pass) HMAC-SHA256 (key = $salt) descrypt, DES (Unix), Traditional DES Apache $apr1$ MD5, md5apr1, MD5 (APR) 2 SHA-512 sha512($pass.$salt) sha512($salt.$pass) sha512(utf16le($pass).$salt) sha512($salt.utf16le($pass)) HMAC-SHA512 (key = $pass) HMAC-SHA512 (key = $salt) sha512crypt $6$, SHA512 (Unix) 2 STDOUT Domain Cached Credentials 2 (DCC2), MS Cache 2 Cisco-PIX MD5 Cisco-ASA MD5 WPA/WPA2 1 WPA/WPA2 PMK 14 md5(md5($pass)) LM Oracle H: Type (Oracle 7+), DES(Oracle) md5($salt.md5($pass)) md5($salt.$pass.$salt) md5(md5($pass).md5($salt)) md5($salt.md5($salt.$pass)) md5($salt.md5($pass.$salt)) md5(strtoupper(md5($pass))) md5(sha1($pass)) sha1(sha1($pass)) sha1($salt.sha1($pass)) sha1(md5($pass)) sha1(md5($pass).$salt) iSCSI CHAP authentication, MD5(CHAP) 7 sha1($salt.$pass.$salt) Half MD5 Password Safe v3 IKE-PSK MD5 IKE-PSK SHA1 NetNTLMv1 / NetNTLMv1+ESS NetNTLMv2 Cisco-IOS type 4 (SHA256) Samsung Android Password/PIN RIPEMD-160 Whirlpool TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + AES TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + Serpent TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + Twofish TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + AES-Twofish TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + AES-Twofish-Serpent TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + Serpent-AES TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + Serpent-Twofish-AES TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + Twofish-Serpent TrueCrypt 5.0+ SHA512 + AES TrueCrypt 5.0+ SHA512 + Serpent TrueCrypt 5.0+ SHA512 + Twofish TrueCrypt 5.0+ SHA512 + AES-Twofish TrueCrypt 5.0+ SHA512 + AES-Twofish-Serpent TrueCrypt 5.0+ SHA512 + Serpent-AES TrueCrypt 5.0+ SHA512 + Serpent-Twofish-AES TrueCrypt 5.0+ SHA512 + Twofish-Serpent TrueCrypt 5.0+ Whirlpool + AES TrueCrypt 5.0+ Whirlpool + Serpent TrueCrypt 5.0+ Whirlpool + Twofish TrueCrypt 5.0+ Whirlpool + AES-Twofish TrueCrypt 5.0+ Whirlpool + AES-Twofish-Serpent TrueCrypt 5.0+ Whirlpool + Serpent-AES TrueCrypt 5.0+ Whirlpool + Serpent-Twofish-AES TrueCrypt 5.0+ Whirlpool + Twofish-Serpent TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + AES + boot TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + Serpent + boot TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + Twofish + boot TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + AES-Twofish + boot TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + AES-Twofish-Serpent + boot TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + Serpent-AES + boot TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + Serpent-Twofish-AES + boot TrueCrypt 5.0+ PBKDF2-HMAC-RIPEMD160 + Twofish-Serpent + boot AIX {smd5} AIX {ssha256} AIX {ssha512} 1Password, agilekeychain AIX {ssha1} LastPass + LastPass sniffed4 GOST R 34.11-94 FortiGate (FortiOS) OSX v10.8+ (PBKDF2-SHA512) GRUB 2 IPMI2 RAKP HMAC-SHA1 sha256crypt $5$, SHA256 (Unix) 2 Kerberos 5 AS-REQ Pre-Auth etype 23 SAP CODVN B (BCODE) SAP CODVN B (BCODE) mangled from RFC_READ_TABLE SAP CODVN F/G (PASSCODE) SAP CODVN F/G (PASSCODE) mangled from RFC_READ_TABLE Drupal7 Sybase ASE Citrix NetScaler 1Password, cloudkeychain DNSSEC (NSEC3) WBB3 (Woltlab Burning Board) RACF Lotus Notes/Domino 5 Lotus Notes/Domino 6 Android FDE <= 4.3 scrypt Password Safe v2 Lotus Notes/Domino 8 Cisco-IOS $8$ (PBKDF2-SHA256) Cisco-IOS $9$ (scrypt) MS Office 2007 MS Office 2010 MS Office 2013 MS Office ⇐ 2003 MD5 + RC4, oldoffice$0, oldoffice$1 MS Office ⇐ 2003 $0/$1, MD5 + RC4, collider #1 MS Office ⇐ 2003 $0/$1, MD5 + RC4, collider #2 MS Office ⇐ 2003 SHA1 + RC4, oldoffice$3, oldoffice$4 MS Office ⇐ 2003 $3, SHA1 + RC4, collider #1 MS Office ⇐ 2003 $3, SHA1 + RC4, collider #2 Radmin2 Django (PBKDF2-SHA256) SipHash CRAM-MD5 SAP CODVN H (PWDSALTEDHASH) iSSHA-1 PDF 1.1 - 1.3 (Acrobat 2 - 4) PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #1 PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #2 PDF 1.4 - 1.6 (Acrobat 5 - 8) PDF 1.7 Level 3 (Acrobat 9) PDF 1.7 Level 8 (Acrobat 10 - 11) SHA-384 PBKDF2-HMAC-SHA256 PrestaShop PostgreSQL CRAM (MD5) MySQL CRAM (SHA1) Bitcoin/Litecoin wallet.dat SIP digest authentication (MD5) CRC32 5 7-Zip GOST R 34.11-2012 (Streebog) 256-bit HMAC-Streebog-256 (key = $pass), big-endian HMAC-Streebog-256 (key = $salt), big-endian GOST R 34.11-2012 (Streebog) 512-bit HMAC-Streebog-512 (key = $pass), big-endian HMAC-Streebog-512 (key = $salt), big-endian PBKDF2-HMAC-MD5 PBKDF2-HMAC-SHA1 PBKDF2-HMAC-SHA512 eCryptfs Oracle T: Type (Oracle 12+) BSDiCrypt, Extended DES RAR3-hp ColdFusion 10+ Blockchain, My Wallet MS-AzureSync PBKDF2-HMAC-SHA256 Android FDE (Samsung DEK) RAR5 Kerberos 5 TGS-REP etype 23 AxCrypt AxCrypt in-memory SHA1 13 KeePass 1 AES / without keyfile KeePass 2 AES / without keyfile KeePass 1 Twofish / with keyfile Keepass 2 AES / with keyfile PeopleSoft PS_TOKEN WinZip VeraCrypt PBKDF2-HMAC-RIPEMD160 + AES VeraCrypt PBKDF2-HMAC-RIPEMD160 + AES-Twofish VeraCrypt PBKDF2-HMAC-RIPEMD160 + Serpent VeraCrypt PBKDF2-HMAC-RIPEMD160 + Serpent-AES VeraCrypt PBKDF2-HMAC-RIPEMD160 + Serpent-Twofish-AES VeraCrypt PBKDF2-HMAC-RIPEMD160 + Twofish VeraCrypt PBKDF2-HMAC-RIPEMD160 + Twofish-Serpent VeraCrypt PBKDF2-HMAC-SHA256 + AES VeraCrypt PBKDF2-HMAC-SHA256 + AES-Twofish VeraCrypt PBKDF2-HMAC-SHA256 + Serpent VeraCrypt PBKDF2-HMAC-SHA256 + Serpent-AES VeraCrypt PBKDF2-HMAC-SHA256 + Serpent-Twofish-AES VeraCrypt PBKDF2-HMAC-SHA256 + Twofish VeraCrypt PBKDF2-HMAC-SHA256 + Twofish-Serpent VeraCrypt PBKDF2-HMAC-SHA512 + AES VeraCrypt PBKDF2-HMAC-SHA512 + AES-Twofish VeraCrypt PBKDF2-HMAC-SHA512 + Serpent VeraCrypt PBKDF2-HMAC-SHA512 + Serpent-AES VeraCrypt PBKDF2-HMAC-SHA512 + Serpent-Twofish-AES VeraCrypt PBKDF2-HMAC-SHA512 + Twofish VeraCrypt PBKDF2-HMAC-SHA512 + Twofish-Serpent VeraCrypt PBKDF2-HMAC-Whirlpool + AES VeraCrypt PBKDF2-HMAC-Whirlpool + AES-Twofish VeraCrypt PBKDF2-HMAC-Whirlpool + Serpent VeraCrypt PBKDF2-HMAC-Whirlpool + Serpent-AES VeraCrypt PBKDF2-HMAC-Whirlpool + Serpent-Twofish-AES VeraCrypt PBKDF2-HMAC-Whirlpool + Twofish VeraCrypt PBKDF2-HMAC-Whirlpool + Twofish-Serpent VeraCrypt PBKDF2-HMAC-RIPEMD160 + boot-mode + AES VeraCrypt PBKDF2-HMAC-RIPEMD160 + boot-mode + AES-Twofish VeraCrypt PBKDF2-HMAC-RIPEMD160 + boot-mode + AES-Twofish-Serpent VeraCrypt PBKDF2-HMAC-SHA256 + boot-mode + Twofish VeraCrypt PBKDF2-HMAC-SHA256 + boot-mode + Serpent-AES VeraCrypt PBKDF2-HMAC-SHA256 + boot-mode + Serpent-Twofish-AES VeraCrypt PBKDF2-HMAC-SHA256 + boot-mode + PIM + AES 16 VeraCrypt Streebog-512 + XTS 512 bit VeraCrypt Streebog-512 + XTS 1024 bit VeraCrypt Streebog-512 + XTS 1536 bit Windows Phone 8+ PIN/password OpenCart DES (PT = $salt, key = $pass) 8 3DES (PT = $salt, key = $pass) 9 sha1(CX) LUKS 10 iTunes backup < 10.0 11 iTunes backup >= 10.0 11 Skip32 (PT = $salt, key = $pass) 12 FileZilla Server >= 0.9.55 Juniper/NetBSD sha1crypt Blockchain, My Wallet, V2 DPAPI master key file version 1 + local context ChaCha20 20 JKS Java Key Store Private Keys (SHA1) Ethereum Wallet, PBKDF2-HMAC-SHA256 Ethereum Wallet, SCRYPT DPAPI master key file version 2 + Active Directory domain context Tripcode TACACS+ Apple Secure Notes Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256 CRAM-MD5 Dovecot JWT (JSON Web Token) Electrum Wallet (Salt-Type 1-3) FileVault 2 WPA-PMKID-PBKDF2 1 WPA-PMKID-PMK 15 Ansible Vault PKZIP (Compressed) PKZIP (Uncompressed) PKZIP (Compressed Multi-File) PKZIP (Mixed Multi-File) PKZIP (Compressed Multi-File Checksum-Only) SHA3-224 SHA3-256 SHA3-384 SHA3-512 Keccak-224 Keccak-256 Keccak-384 Keccak-512 TOTP (HMAC-SHA1) Kerberos 5 AS-REP etype 23 Apple File System (APFS) Open Document Format (ODF) 1.2 (SHA-256, AES) sha1(md5(md5($pass))) Open Document Format (ODF) 1.1 (SHA-1, Blowfish) Java Object hashCode() Blockchain, My Wallet, Second Password (SHA256) Android Backup QNX /etc/shadow (MD5) QNX /etc/shadow (SHA256) QNX /etc/shadow (SHA512) sha1($salt1.$pass.$salt2) Ruby on Rails Restful-Authentication Kerberos 5 TGS-REP etype 17 (AES128-CTS-HMAC-SHA1-96) Kerberos 5 TGS-REP etype 18 (AES256-CTS-HMAC-SHA1-96) Kerberos 5, etype 17, Pre-Auth Kerberos 5, etype 18, Pre-Auth DiskCryptor SHA512 + XTS 512 bit (AES) DiskCryptor SHA512 + XTS 512 bit (Twofish) DiskCryptor SHA512 + XTS 512 bit (Serpent) DiskCryptor SHA512 + XTS 1024 bit (AES-Twofish) DiskCryptor SHA512 + XTS 1024 bit (Twofish-Serpent) DiskCryptor SHA512 + XTS 1024 bit (Serpent-AES) DiskCryptor SHA512 + XTS 1536 bit (AES-Twofish-Serpent) Python passlib pbkdf2-sha512 Python passlib pbkdf2-sha256 Python passlib pbkdf2-sha1 PKZIP Master Key PKZIP Master Key (6 byte optimization) 17 Oracle Transportation Management (SHA256) sha256(sha256($pass).$salt) sha256(md5($pass)) md5(sha1($pass).md5($pass).sha1($pass)) BitShares v0.x - sha512(sha512_bin(pass)) sha1(md5($pass.$salt)) md5(sha1($salt).md5($pass)) md5($salt.sha1($salt.$pass)) sha256(sha256_bin(pass)) SolarWinds Orion Web2py pbkdf2-sha512 Electrum Wallet (Salt-Type 4) Electrum Wallet (Salt-Type 5) WPA-PBKDF2-PMKID+EAPOL 1 WPA-PMK-PMKID+EAPOL 18 BitLocker Citrix NetScaler (SHA512) sha256($salt.$pass.$salt) AES Crypt (SHA256) MultiBit Classic .key (MD5) Telegram Desktop App Passcode (PBKDF2-HMAC-SHA1) MultiBit HD (scrypt) RSA/DSA/EC/OpenSSH Private Keys ($0$) * RSA/DSA/EC/OpenSSH Private Keys ($6$) * RSA/DSA/EC/OpenSSH Private Keys ($1, $3$) * RSA/DSA/EC/OpenSSH Private Keys ($4$) * RSA/DSA/EC/OpenSSH Private Keys ($5$) * SecureZIP AES-128 SecureZIP AES-192 SecureZIP AES-256 Apple Keychain XMPP SCRAM PBKDF2-SHA1 Apple iWork * Bitwarden 21 * AxCrypt 2 AES-128 * AxCrypt 2 AES-256 * RAR3-p (Uncompressed) * RAR3-p (Compressed) * Plaintext