ENCRYPT_METHOD (string) This defines the system default encryption algorithm for encrypting passwords (if no algorithm are specified on the command line). It can take one of these values: DES (default), MD5, SHA256, SHA512. MD5 and DES should not be used for new hashes, see crypt5 for recommendations. Note: this parameter overrides the MD5_CRYPT_ENAB variable. Note: This only affect the generation of group passwords. The generation of user passwords is done by PAM and subject to the PAM configuration. It is recommended to set this variable consistently with the PAM configuration.