Internal_users.yml change hash algorithm

Hey everyone,

in the internal_users.yml file you can set internal users. Is it possible to use SHA512 hash for the password instead of bcrypt for compliance reasons. If so, how do you do it?

Take care and stay safe!



I need this information, too.


Hi @erhan

I’ve tried to use SHA512 encrypted password in internal_users.yml and the security plugin failed to initialize.
Only the bcrypt worked for me. Also, in documentation, only the bcrypt hashing is mentioned.

I am also interested in having an option to change the hashing algorithm for improved security.
I see that ElasticSearch has configuration values for
password hashing algorithms, Security settings in Elasticsearch | Elasticsearch Guide [7.9] | Elastic, but I am not sure if that was part of additional enterprise features.

@conicob I’d suggest opening a feature request in the OpenSearch GitHub

Please share the GitHub issue here.