Translations:Dm-crypt full disk encryption/14/en

LUKS uses PBKDF2 for key derivation. In essence, the supplied passphrase by the user is combined with a salt and hashed a specified number of rounds. This key stretching makes the password more secure against brute force attacks. The hash function used in PBKDF2 can be set via. The default is  and can (depending on taste) be changed to another secure hash algorithm. The total number of iterations is determined by the speed of the current hardware and can be influenced by setting the number of milliseconds that shall be spent in PBKDF2 passphrase processing by. To increase the default from 2s to 3s and use sha512 one could for example use: